The United Nations has been hit by a targeted cyberattack that uses one of the world's most notorious malware strains.
Criminals used the Emotet malware in order to launch a phishing campaign aimed at stealing login details for UN staff and officials alike.
Hundreds of workers were tagered in the attack, which focused on the UN headquarters in New York, with the hackers devising an ingenious strategy to try and trick their victims.
- Microsoft Office apps hit with more cyberattacks than ever
- Over a thousand schools hit by ransomware in 2019
- Businesses facing major threat from financial malware
The campaign was uncovered by researchers from security firm Cofense, who found that the hackers pretended to be from the Permanent Mission of Norway.
The email said that the Norwegian representatives had found a "problem" with an attached signed agreement, and that the recipient needed to review the document to learn exactly what it was.
Opening the email's Microsoft Word attachment launches a spoof document template with a pop-up warning saying the "document only available for desktop or laptop versions of Microsoft Office Word."
The victim is then prompted to click on 'Enable editing' or 'Enable Content' to view the document, which when activated, executes malicious Word macros that downloads and installs Emotet on the victim's device.
Emotet would then run in the background while sending out spam emails to other victims, as well as downloading other malicious payloads, most notably the dangerous TrickBot trojan, which has in turn been linked to the notorious Ryuk ransomware.
- Stay safe online with the best antivirus software for 2020
Via Bleeping Computer (opens in new tab)