Cybercriminals are using new sophisticated techniques to spread CSV malware via Google sheets instead of using Microsoft Excel sheet which is often used by malicious hackers.
Cyber attackers are day today increasing and the attackers are always one step ahead to launching sophisticated cyber attackers which is very difficult to detect and mitigate.
Basically .CSV files could be opened in MS Excel when you click on a
.png
)
In this case, the Attacker embedded the malware dropper within the Google spreadsheet to infect the users and its launching via spam emails.
Spreading the malware via Google Spread Sheet is create more trust among the normal peoples without
Google Sheets spreading .CSV dropper
Google basically implemented the sophisticated
But an attacker bypass this Google filter technique and they easily use Google Sheets as a Malware vector. anyhow, Google has been alerted about this issue but it confirmed that it’s actually an “Intended Behaviour”.
According to the researcher, Finally, an attacker could send a clear link over an instant message platform and/or over an
Users need to aware of this kind of serious attacks, avoid to download links if you receive a link to a not working Google Sheets.
IOC:
- Hashes:
- 5e561bf9e088f8f2b9c0610fb6f61f6d7655f6a0988a0d304452d8fa73a6a628 (.CSV)
- cd3d1b4d147a198e1a2b7e3f4370998142bf20cbdfdd3d30cf86d65b5bd40f50 (dropped)
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
