News broke earlier today that hackers have launched a new spam campaign, targeting the telecommunications, insurance and financial services industries. The campaign involves hackers using new Microsoft Office vulnerabilities to spread a potent backdoor malware called Zyklon, which can steal passwords, allow hackers to launch DDoS attacks and mine cryptocurrency, among other things.
Sean Newman, Director of Product Management at Corero Network Security:
“There’s no getting away from the levels of sophistication that cyber criminals are now using to underpin their nefarious activities. This latest report of vulnerabilities in Microsoft Office products being leveraged to install malware, which can be remotely controlled to deliver those attacks, may not be a surprise to many people.
“However, the flexibility and attack scale possible from such an army of compromised devices should be a significant concern. The possibilities for cryptocurrency abuse or the ability to generate large-scale DDoS attacks have significant revenue generating potential for the cyber-criminals, at the expense of those trying to benefit from the broad opportunities the Internet affords.
“Ensuring your software is patched can help to keep you safe from attacks on your data or cryptocurrency, but the only way to ensure you are safe from external DDoS attacks generated by this malware, is to ensure you have the latest real-time protection in place.”