Cryptojacking can now be done through Microsoft Word documents
A security firm has uncovered another potentially dangerous vector for infection.
Security firm Votiro has uncovered a potential new avenue for cryptojacking attacks. Cryptojacking is when a user is unknowingly tricked into mining cryptocurrencies, usually Monero, for someone else. When a computer is being used for mining, it dedicates most of its processing power to the task. Depending on what else you're trying to do it might slow your computer to a crawl, or be almost unnoticed. It's not dangerous in itself, but it's annoying and unscrupulous.
One might find oneself unknowingly mining crypto by visiting certain web pages, unwisely opening unknown email attachments, playing an infected video on YouTube or even in a sidebar ad, or by opening a compromised Microsoft Word document, as Votiro has discovered.
How it works
The potential vulnerability lies in the relatively new online video feature in Microsoft Word. This lets someone embed online videos and other Internet Explorer code into Word documents, which can then mine cryptocurrency when a user opens the document.
This is a boon for unscrupulous cryptojackers because Word is used much more widely than Internet Explorer and has a potentially much wider pool of victims.
It might also be much easier to trick people into Microsoft Word exploits than others. This is because the Microsoft Word documents themselves are perfectly real and legitimate, they might just happen to be hosting malicious code on them. This could make it much harder to spot than other malicious email attachments.
The same potential vulnerability can be used for attacks other than cryptojacking, including good old malware and trojan installation, or phishing attacks. Votiro gives examples of each attack type and what they look like.
What you can do about it
It might be a simple case of applying the same discretion to Microsoft Word documents as you would to anything else you get online or receive in an email. If you don't trust the source of an MS word document, it might be worth being hesitant.
Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VEN, XLM, NANO, SALT, BTC