Microsoft to Block Excel Add-ins to Stop Office Exploits

malware

AI generated Image

Following that decision, threat actors began incorporating Shell Link (LNK) files as payloads for a number of malware families, with their use peaking in October with a spike in usage by the operators behind Qakbot, according to an analysis this week by researchers in Cisco's Talos intelligence group. The add-in functionality has become increasingly popular with attackers since then; in fact, according to an Arctic Wolf report from early 2022, the use of XLL files increased nearly 600% in 2021. And LNK files aren't the only file type that's becoming a more popular way to hide malicious code in the wake of blocking macros.

Source read time: 3 min - darkreading.com

Also offered in: Nederlands

More news for you