MS Word Maybe Used for Cryptojacking Attacks [source: hackread]
by CIRT Team
Amit Dori, a security researcher from Israel, who works with Votiro, was first to draw attention to this issue. Amit Dori says that cybercrooks may host a benign video on their servers and add a cryptojacking script to mine Monero or another cryptocurrency. Once the user clicks on the playback, browser launches and CoinHive or another popular miner may start earning crypto to the distant scammer.
This issue could be partially avoided if Word allowed to whitelist domains and play only YouTube or Vimeo videos. Some security researchers believe that such a scenario is extremely unlikely. Hidden web browser mining financially justifies itself only in case the user does not disconnect the player for a long time.
Now, most people prefer watching videos on YouTube, some download them. But who is going to watch or insert movies into MS Word? According to Amit Dori, crooks still may try to insert longer video or add several short videos with smooth transitions from one video clip to another.
Still, in order to make a profit, the scammer will have to convince thousands of users to open Word booby-trapped documents on daily basis.
For now, crooks find that the most effective way is to hack the video streaming services and to place crypto miners there. Visitors stay on such websites for a long time and do not notice high CPU and processor load while watching movies.
For more, click here.