Beware of the 'Windows 11 Alpha' cyberattack campaign

Anomali, a security firm, has just issued a warning about a new cyberattack campaign with themes related to Windows 11. Cybercriminals use malicious Word files disguised as user manuals. users to seduce victims.

These Word documents are named "User-Progress-072021-1.doc" and contain content with the title "Made on Windows 11 Alpha". The next content of the document is a guide to opening a safe document, but it is actually the steps to activate malicious code.

Most users who are familiar with Windows 11 builds know that there is no version named Alpha. However, those who have never heard of Windows 11 can be tricked into running a malicious Word file.

Cybercriminals attack by tricking users into activating macros built into Word files. Once activated, the macro can perform various activities such as information gathering, data mining and even ransomware download.

Anomali believes the Word file containing this malicious code was created by the hacker group FIN7. This group regularly targets retail and hotel systems for large-scale data theft.

To ensure safety, users should be wary of attachments sent via email or text message. Do not enable macros on Word, Excel files. when its origin is unknown. Always turn off the macro mode on Word, Excel if there is nothing to use.

David Pac

Update 06 September 2021