Fake Office Add-Ins on SourceForge: Malware Mines Crypto and Your Patience!
Fake office add-ins are making their rounds, with threat actors using SourceForge to distribute malware masquerading as Microsoft tools. These sneaky scripts mine and steal cryptocurrency while evading detection. Users searching for office add-ins should be wary and stick to trusted sources like GitHub. Stay cautious and keep your antivirus up-to-date!
Hot Take:
Seems like the hackers have upgraded from the good old “Nigerian prince” scam to something a tad more sophisticated—fake Microsoft add-ins. Who knew Office tools could be weaponized to mine crypto? Next thing you know, your Excel sheet will start demanding Bitcoin as a processing fee!
Key Points:
- Threat actors are distributing fake Microsoft add-ins via SourceForge, targeting unsuspecting users.
- The malicious campaign has already affected over 4,604 systems, primarily in Russia.
- The fake software mimics legitimate Microsoft projects but installs malware for crypto mining and theft.
- Although the malicious project is no longer available, it was indexed by search engines, luring more victims.
- Kaspersky advises downloading software from trusted publishers and scanning with up-to-date antivirus tools.
Already a member? Log in here