Microsoft Issues Black Friday Malware Warning
Microsoft Malware Protection Centre (MMPC) issued a warning on Tuesday regarding a possible malware attack that might be launched in the days leading up to Black Friday.
Through Twitter, the company warned followers of a malicious document that could exploit Dynamic Data Exchange (DDE), a method used by Windows operating systems for simple and easy interprocess communication tasks. Using DDE, the threat should be able to run a remote HTML application.
"Watch out for malware attacks riding the #BlackFriday frenzy," Microsoft said in a tweet. "A malicious document named "eMAG – Catalog Oferta Black Friday 2017.doc" attempts to exploit #DDE to run a remote HTML application (.hta)."
With DDE, one could access items that are made accessible through a separate program. For instance, the program can be used to access a single cell from an MS Excel spreadsheet. The operator of the program can even be notified of changes made to that particular cell in the spreadsheet.
According to Microsoft, the cybercriminals seem to be using it to test a new technique, one which involves the use of HTA (HTML application), as previous DDE-based malware used PowerShell. The company said that the malware is linked to a URL that has the word "test" in it. As of now, it is inaccessible.
They continued, "We can speculate that a functional version will be distributed by cybercriminals via spam campaign in the days leading up to #BlackFriday."
Windows Defender AV is capable of detecting the new DDE-based malware as Exploit:O97M/DDEDownloader.E, the company added However, they did not say if other antivirus programs are able to identify this particular threat.
Black Friday this year falls on the of Nov. Although24. not an official holiday, the day marks the beginning of the Christmas shopping season in the U.S.
Shoppers are encouraged to be cautious of the threat.