A worm-style threat

3 years ago
Anonymous $BH0TGXkyPe

https://www.bleepingcomputer.com/news/security/political-themed-actor-using-old-ms-office-flaw-to-drop-multiple-rats/

A novel threat actor with unclear motivesis running a crimeware campaign delivering multiple Windows and Android RATs (remote access tools) through the exploitation of CVE-2017-11882.

This four-years-old Microsoft Office Equation Editor bug was addressed in the November 2017 patch, but it appears that it's still available for leverage, especially in India and Afghanistan where the targets of this campaign are based.