For transactional purposes, many people save Microsoft Excel accounts for personal or company use. Excel is used for various functions, including compensation computation and personnel administration.
As a result, a group of hackers is conducting malware attacks to steal the data of Excel software users worldwide.
According to cyber security research firm Zscaler ThreatLabs, the ‘Agent Tesla’ malware penetrates the device and collects data by injecting deceptive code.
Because of this, hackers can gather a variety of user data remotely.
ZScaler ThreatLabs reports that an Equation Editor bug in Microsoft Office has been identified as CVE-2017-11882.
Using this vulnerability, criminals distribute malware-infected files via e-mail to Excel users.
By downloading the file, malware penetrates the device and sends information to the hackers without the users’ knowledge.
The primary targets of this cyberattack are Excel users running outdated versions of the program.
As a result, hackers begin gathering data without the user’s knowledge.
In this regard, Kaivalya Khursale, a cyber security researcher, stated, “Our analysis highlights how threat actors constantly adapt infection methods, making it imperative for organizations to stay updated on evolving cyber threats to safeguard their digital landscape.”
“In addition to staying on top of these threats, Zscaler’s ThreatLabz team continuously monitors for new threats and shares its findings with the cybersecurity community.”
According to The Hacker News, Agent Tesla is a.NET-based remote access Trojan virus.
This malware can collect information invisibly and send it over C2 servers.
As a result, you should avoid downloading files sent by strangers while also using the most recent version of Excel.