Rising Threat: LokiBot Malware Exploits Microsoft Word and GitHub Repos

July 17, 2023 at 09:04 AM

•

1 min read

Rising Threat: LokiBot Malware Exploits Microsoft Word and GitHub Repos — Photo: The Hacker News

TL;DR Summary

Cybercriminals are exploiting vulnerabilities in Microsoft Word to distribute LokiBot malware. The attacks use phishing lures in Word documents, taking advantage of known remote code execution flaws (CVE-2021-40444 and CVE-2022-30190). LokiBot is an information-stealing Trojan that primarily targets Windows systems, aiming to gather sensitive data. The malware is delivered through an HTML file that exploits the vulnerabilities and launches an injector module written in Visual Basic. LokiBot has the ability to log keystrokes, capture screenshots, steal login credentials, and extract data from cryptocurrency wallets. The attackers continuously update their methods to spread and infect systems.

Topics:technology #cybersecurity #lokibot #malware #microsoft-word #phishing #vulnerabilities

Share this article

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware The Hacker News
Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN! HackRead
Fake PoC on GitHub lures security researchers to download malware SC Media
LokiBot Malware Targets Windows Users in Office Document Attacks Infosecurity Magazine
View Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

1 min

vs 2 min read

Condensed

74%

366 → 95 words

Want the full story? Read the original article

Read on The Hacker News

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights