There’s been a rise of attackers using Microsoft OneNote attachments to spread malware and infect victim’s computers. Previously attackers would use Microsoft word and excel attachments for distributing their malware. Those attachments would contain macros that would allow them to install malware, steal passwords, or even cryptocurrency wallets. However Microsoft disabled macros by default in July, making this method unreliable for distributing malware. We soon saw attackers utilise different file formats, such as ISO images and password protected zips. However both 7-Zip and Windows recently addressed this by displaying scary security warnings when a user attempts to open downloaded ISO and ZIP files. Microsoft OneNote attachments are now the attackers’ preferred file format. The attackers would attach malicious visual basic script attachments inside the OneNote that would automatically launch the script when double-clicked. The best way to protect yourself from malicious attachments is to simply not open files from people you do not know. However should you mistakenly open one, do not disregard warnings displayed by the operating system or application
This segment was created for the It’s 5:05 podcast