Bad Actors Exploit Two Popular Apps - Adobe & Micosoft Word

Adobe and Microsoft Word are two of the most popular business apps available for business and personal use.

As people become more informed of the risks of opening malicious Microsoft Office attachments, it's worrying as researchers recently illustrated how PDFs are being used as a transport for Word documents to trick users and spread a keylogger exploit. Our professional-grade Remediation & Recovery Ransomware protection easily detects bad attachments. However, attackers continue creating new methods to trick their victims into downloading destructive payloads that evade detection no matter what protection is in place. What may go unnoticed to the user is when the PDF is opened, Adobe prompts the user to open a Microsoft Word DOCX file contained within, because the infected word file was named "has been verified," the Adobe Open File prompt states, "The file 'has been verified." This message could trick recipients into believing that Adobe verified the file as legitimate and that the file is safe to open. When in fact it's the exact opposite. After what is believed to be a clean Microsoft Word document, if macros are enabled, code is downloaded and triggered by a file from a remote resource waiting to initiate the attack.

What can you do as cyber attacks continue to increase and become better organized? Keeping yourself informed and remaining vigilant when opening any email attachment goes a long way. Check that your software is current and fully patched. This threat was first made aware of in 2017, CVE-2017-11882, and was successful due to the lack of patching back then. Listen and follow your gut, if something feels off there’s a good chance it is. In this case, it’s very uncommon to launch Adobe to open a Word document. Those that fell victim reported they felt opening a Word document from Adobe was strange, and didn't feel right. It's always better to play it safe and forward any questionable attachments to your IT for further analysis.

We're here to help, available to fully protect your business against relentless cyber-attacks, giving you peace of mind so you can focus on your business. Please don't hesitate to contact us today.