Microsoft Word Can Be Used to Hide Cryptocurrency Mining Scripts

Word's online video feature lets a script be placed in the video embed code, where it can hijack a device's CPU for cryptocurrency mining.

Nowadays we hear about more and more hacker attacks aimed at mining cryptocurrencies. From government sites and the computers of large companies to our smart TVs and smartphones, nothing is safe. Even Microsoft Word documents can be used for this purpose, through a script that hijacks the victim's device to mine Monero.

Nothing is safe from cryptocurrency mining

According to Votiro security researchers, the attack takes advantage of Word's online video function to get to the CPU. This feature allows users to paste iframe embedding code to add an Internet video to a Word document. The video is then displayed in the document itself and can be played the next time a user opens it.

From here, it is a short step to turning the feature into a vector for cryptojacking scripts. With one of these scripts inserted into the video code, a victim can be induced to execute it, which starts the mining of the Monero virtual currency, apparently the favorite of those who carry out cyber attacks.
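A defensive check for the embed code described above, added here as an example and not taken from the Votiro research. It assumes that Word stores the pasted embed code in an `embeddedHtml` attribute inside the document's `word/` XML parts, a detail the article does not give; the allowlist and all function names are hypothetical.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the video hosts your organisation accepts in embedded players.
ALLOWED_HOSTS = {"www.youtube.com", "player.vimeo.com"}
NS = "http://schemas.microsoft.com/office/word/2012/wordprocessingDrawing"

class EmbedAudit(HTMLParser):
    """Records anything in an embed snippet beyond an allowed video iframe."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self.findings.append("script tag: " + (attrs.get("src") or "inline"))
        elif tag == "iframe":
            host = urlparse(attrs.get("src") or "").hostname or ""
            if host not in ALLOWED_HOSTS:
                self.findings.append("iframe host not allowed: " + (host or "none"))
        for name in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler {name} on <{tag}>")

def audit_docx(data: bytes) -> list:
    """Return findings for every embeddedHtml attribute in the word/ XML parts."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for part in z.namelist():
            if part.startswith("word/") and part.endswith(".xml"):
                for el in ET.fromstring(z.read(part)).iter():
                    html = el.attrib.get("embeddedHtml")
                    if html:
                        parser = EmbedAudit()
                        parser.feed(html)
                        findings += [f"{part}: {f}" for f in parser.findings]
    return findings

def make_sample(embed_html: str) -> bytes:
    """Build a constructed, minimal zip with one webVideoPr element (test input)."""
    root = ET.Element("document")
    ET.SubElement(root, f"{{{NS}}}webVideoPr", {"embeddedHtml": embed_html})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", ET.tostring(root))
    return buf.getvalue()
```

On a mail gateway or file share, `audit_docx(open(path, "rb").read())` returning a non-empty list is a reason to quarantine the document for review.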

To make the attack as effective as possible, hackers can edit the video to make it more suitable for the type of victim. Once the video is incorporated, it can be started by an unaware user, who might not notice the increase in processor load, which could even reach 99%. Obviously, the longer the video is, the longer the attack will last, so it's easy for hackers to use a few tricks. The researchers noticed that there is a way to create a fake loading screen that buys a few seconds or minutes.

Internet Explorer, the system that Word uses, is the most at risk from this type of attack because it is updated less frequently than others, and also because it is less popular. The system used to mine cryptocurrencies could also be used for more dangerous ends, such as the installation of a banking Trojan or other attacks.

