Top
image credit: Pixabay

Hackers Using PowerPoint Mouseover Trick to Infect System with Malware

September 28, 2022

Category:

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware.

The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25 said in a technical report. “The code execution runs a PowerShell script that downloads and executes a dropper from OneDrive.”

Read More on The Hacker News