New Infection Method – Hovering Your Mouse on a Link - How to, Technology and PC Security Forum | SensorsTechForum.com
NEWS

New Infection Method – Hovering Your Mouse on a Link

OFFER

SCAN YOUR PC
with SpyHunter

Scan Your System for Malicious Files
Note! Your computer might be affected by Infection and other threats.
Threats such as Infection may be persistent on your system. They tend to re-appear if not fully deleted. A malware removal tool like SpyHunter will help you to remove malicious programs, saving you the time and the struggle of tracking down numerous malicious files.
SpyHunter’s scanner is free but the paid version is needed to remove the malware threats. Read SpyHunter’s EULA and Privacy Policy

Researchers have identified a new method by which one can get infected with viruses and this method is likely to become widespread soon, so suggestions are to be extremely careful. The method is dangerous primarily because it takes advantage of the hyperlinking technology. How it works is that it automatically injects a script when you simply hover over a hyperlinked host without even having to click on it.

Trend Micro, one of the largest cyber-security firms with extensive experience and proactive threat monitoring has detected this new method to work on a infected Microsoft PowerPoint presentation file. The file had a hyperlink which takes advantage of a malicious PowerShell script to be executed. The execution of this script may be undetected if you hover on the link, but the newer versions may detect the script to be ran in the %Temp% folder of Windows via a pop-up. The pop-up that detects the script does not stop it, but rather has an Enable and Disable button that gives the choice to the user. It has the following message:

“Microsoft Office PowerPoint Security Notice
Microsoft Office has identified a potential security concern.
File Path: {%Temp%\Random}
To help protect your security, Microsoft Office has blocked the ability to run an external program automatically. If you choose to enable the external programs, your document and computer may no longer be secure.
If you wish to run external programs in Action Settings, click Enable. If you wish for external programs in Action settings to run automatically, click enable All, but note that this may be a security risk. Otherwise, click Disable to continue.”

So if PowerPoint detects such a script while it is running without you having clicked on any object, it is advisable to disallow it from running again. The risk is not as big, because the newer versions of Microsoft Power Point will usually warn. However, many users are used to hovering over objects to read information, and if this Windows pop-up is bypassed, many users may be at risk in the future.

Ventsislav Krastev

Ventsislav has been covering the latest malware, software and newest tech developments at SensorsTechForum for 3 years now. He started out as a network administrator. Having graduated Marketing as well, Ventsislav also has passion for discovery of new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management and then Network Administration, he found his passion within cybersecrurity and is a strong believer in basic education of every user towards online safety.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...