Pickr
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap
No Result
View All Result
Pickr
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap
No Result
View All Result
Pickr
No Result
View All Result

New malware means you don’t need to click to get infected

Leigh :) StarkbyLeigh :) Stark
June 15, 2017
Reading Time: 2 mins read
Share on TwitterShare on FacebookShare on LinkedInShare over email

There used to be one rule when it came to getting infected with a computer virus: you have to download, run, and execute the file. Not any more, it seems.

The old idea of physically engaging with a form of security exploit in order to have it infect your system is no longer completely true, as Trend Micro has this week discovered something rather interesting.

Instead of knowing that you need to click, a new Trojan variation discovered written about by its security experts on the Trend Labs Security Intelligence blog cites that something as simple as hovering your mouse over an infected link could see the payload delivered to your computer and executed.

This is a dramatic difference from the usual way we get infected, which usually requires a bit of human intervention and the touch or click of a file. Granted, people tend to be tricked into firing these files up, downloading a payload under false pretences, but it still requires the click, and doesn’t just run automatically when a mouse cursor hovers over the link.

Yet in the case of the “OTLARD” banking Trojan, that’s exactly what happens, with a recent variant disguised inside of a PowerPoint file, affecting one link in the slideshow.

The rather curious attack arrives in a PowerPoint file that can be opened by the victim, and while the file has to be downloaded to fire up, from there all that needs to be done is for someone to hover over an infected link with a bit of code behind it that downloads the malware and infects your machine.

Image credit: Trend Micro

While the technique still technically requires a download of a PowerPoint presentation, the right wording in an email could make this very easy, with all that’s needed being one email from a friend, a co-worker, or client convincing you that the presentation is related to something you may or may not have spoken about, or even possibly worked on.

There is an upside to this, with Trend Micro’s team citing that the trick “will not work in Microsoft PowerPoint Online or Office 365’s “web mode””, meaning if you regularly use PowerPoint in these systems, you’re fine.

In fact, if you rely on recently updated internet security programs, you should also be in the clear, just make sure to keep those security signatures up-to-date, of course.

And as always, be careful what you click, because this is one crafty little file, and chances are that it won’t be alone, with more nasty tricks like it on the way.

Leigh :) Stark

Leigh :) Stark

One of Australia's well regarded technology journalists working out of Sydney, Leigh Stark has been writing about technology for over 15 years, covering phones, computers, cameras, headphones, speakers, and more. Stylising his middle initial with an emoticon, he aims to present tech in a way that makes it easy for everyone. You can find him on Twitter and Facebook where he's typically talking tech, and can tune into what he's listening as he writes via Apple Music. While he founded Pickr in 2016, Stark's work can be seen in other publications including The Australian Financial Review, Popular Science, and many more. His award-winning podcast "The Wrap" is syndicated on Southern Cross Austereo's LiSTNR network weekly, while he can be heard on radio via ABC Brisbane and ABC Canberra, and seen on TV's Nine. Check out Leigh Stark's most recent media appearances.

ADVERTISEMENT

Related Posts

Scammers try a dark approach with coronavirus vaccine scams
Security

Google Drive goes on defence with anti-malware, anti-phishing

May 17, 2022
How chatbot scams work
Online

Why passwords are problematic, but why we have trouble moving on

May 5, 2022
What is stalkerware?
How to

How an NBN scam can appear convincing (and why it’s not)

February 28, 2022
ADVERTISEMENT
  • Recommendations
  • Best Picks
  • Methodology
  • About
  • Media Appearances
  • Contact
Change the way you choose.

© 2016 to 2022 Publishr Pty Ltd: ACN 624 227 256
All rights reserved.

No Result
View All Result
  • Latest News & Reviews
  • Recommendations
  • Phones
  • Earphones
  • Sound
  • The Wrap

© 2016 to 2022 Publishr Pty Ltd: ACN 624 227 256
All rights reserved.