BleepingComputer reported that attackers have targeted precision companies in Italy with phishing that is difficult to spot. The final payload is a fileless trojan that harvests credentials. The campaign used a legitimate-looking Microsoft Excel spreadsheet embedded with exploit code that moves silently to infect the computer.
Unlike the run-of-the-mill methods of infection that involve a Microsoft Office document, the cybercriminals behind this campaign did not embed malicious macro code in the Excel file, which would call for user interaction.
Instead, they opted for a stealthier variant: an exploit for a remote code execution security bug that would automatically run code on the victim's computer, without user intervention, as soon as the document was opened.
Users will rarely spot a phishing email as well crafted as this one, which highlights the relentless need to patch systems and keep cyber hygiene up to scratch – boring, but necessary. The fact that the exploited bug had been identified and fixed 2 years ago should raise some questions in that business about their cybersecurity controls as a matter of urgency. Failing to manage cybersecurity risk could very likely impact their future orders and business.