Home Security Microsoft Word bug used to spread banking trojan

Microsoft Word bug used to spread banking trojan

Australian users of Microsoft Word are being advised to tread with care as a zero-day that was publicised on the weekend is being used to spread the Dridex banking trojan.

Security firm Proofpoint said it had observed the document exploit, which was publicised by McAfee and FireEye, being used in a large email campaign distributing Dridex.

Proofpoint said the trojan was distributed to millions of recipients across numerous organisations in Australia, which they claimed was the primary country of this attack.

Microsoft has issued a patch for this vulnerability, the details of which were reported by iTWire on Sunday.

The bug in question allows a malicious Word document containing an OLE2link object to be executed by a system running even Windows 10. On execution, a malicious .hta file is fetched from a command server and run on the machine in question.

Screen Shot 2017 04 12 at 9.37.44 AM

The dialog box that appears when users open the document on a vulnerable system. 

Sherrod DeGrippo, director of Emerging Threats for Proofpoint, said: "Threat actors continue to demonstrate their flexibility and adaptability, rapidly taking advantage of new means of infecting users.

"Although attacks relying on document exploits are increasingly uncommon, they certainly remain in attackers' toolkits. New, exploitable vulnerabilities are often not readily available but, in this case, attackers obviously jumped at an opportunity to launch a large campaign that relied on this new exploit."

Microsoft also released additional updates for vulnerabilities in its products overnight, as part of its monthly security updates.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.