Mouse hover Zusy malware

The war between wetware and hardware.
User avatar
Pyrrho
Posts: 26172
Joined: Sat Jun 05, 2004 2:17 am
Title: Man in Black
Location: Division 6

Mouse hover Zusy malware

Post by Pyrrho » Sat Jun 10, 2017 11:24 am

On Windows, where else?

https://www.bleepingcomputer.com/news/s ... -required/
Security researchers have spotted a booby-trapped PowerPoint file that will download malware to a computer whenever a victim hovers a link, no macro scripts required.
The victim does have to first open the PowerPoint file attachment and they have to have Office Protected Mode disabled, but still.

Another discussion:

https://www.dodgethissecurity.com/2017/ ... s-results/

and here

https://sentinelone.com/blogs/zusy-powe ... ng-macros/
The flash of light you saw in the sky was not a UFO. Swamp gas from a weather balloon was trapped in a thermal pocket and reflected the light from Venus.

User avatar
Nyarlathotep
Posts: 47933
Joined: Fri Jun 04, 2004 2:50 pm

Re: Mouse hover Zusy malware

Post by Nyarlathotep » Sat Jun 10, 2017 2:56 pm

So if you still have to open the file to get infected, itsn't this pretty much like most malware spread by getting some sucker to open an attachement, only with an extra step?
Bango Skank Awaits The Crimson King!

User avatar
Pyrrho
Posts: 26172
Joined: Sat Jun 05, 2004 2:17 am
Title: Man in Black
Location: Division 6

Re: Mouse hover Zusy malware

Post by Pyrrho » Sat Jun 10, 2017 3:01 pm

Yup. This saves them a click.
The flash of light you saw in the sky was not a UFO. Swamp gas from a weather balloon was trapped in a thermal pocket and reflected the light from Venus.