Ukrainian cyber security threat group BlackEnergy has begun utilizing a new tactic in which it spreads malware through Word documents. The group was previously thought to exclusively use Excel and PowerPoint files through spear phishing emails which spread its BlackEnergy trojan, but is now expanding their repertoire of Office-related virus tricks. According to Kaspersy Lab’s Global Research and Analysis Team Director Costin Raiu, BlackEnergy’s attacks are becoming increasingly sophisticated and seem to be refining their methods by attacking with higher-capability viruses. This is a cause of concern considering that BlackEnergy’s preferred methods of attack are easily triggered by most people, and the average person cannot fend off an attack from the threat group.
Adding to BlackEnergy’s threat, other attackers have begun to follow suit and are using similar means of attacking. Though unclear whether or not these attacks relate to BlackEnergy, attacks through Word using Kasidet – a memory scraping and browser hooking virus – are meant to steal credit card and web browser information. To avoid these attacks, use caution when opening any Word, Excel or PowerPoint files from unidentified sources and always have computer security up to date.