GIFT a SubscriptionGift
HamberMenu
  1. Olympics
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Olympics
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

Microsoft OneDrive users in India could be tricked into installing a malware this way

Cybersecurity researchers at Trellix note that victims of the attack are normally from India, U.S., South Korea, Germany, Ireland, Italy, Norway and the UK

Updated - July 31, 2024 11:44 am IST

Published - July 31, 2024 11:21 am IST

The Hindu Bureau
FILE PHOTO: Cybersecurity experts have revealed that a new campaign targeting Microsoft OneDrive users could trick them into downloading malware. 

FILE PHOTO: Cybersecurity experts have revealed that a new campaign targeting Microsoft OneDrive users could trick them into downloading malware.  | Photo Credit: Reuters

Cybersecurity experts have revealed that a new campaign targeting Microsoft OneDrive users could trick them into downloading malware. Researchers from Trellix Advanced Research Center have shared that the phishing campaign was done with the aim of executing a malicious PowerShell script. 

Users will receive an email address with a .HTML file attached usually titled ‘Reports.pdf,’ to trick users into thinking it’s an important document from work. As soon as its opened, users will get a window that looks like Microsoft OneDrive along with an error stating, “Failed to connect to the ‘OneDrive’ cloud service. To fix the error, you need to update the DNS cache manually.”

There will be two options available including, ‘How to fix’ and ‘Details,’ and the second option will direct users to an actual Microsoft Learn page on troubleshooting. But the first option will take them through steps which launches the PowerShell terminal. 

Microsoft employee discovered ‘backdoor’ in open source software that could have impacted millions

The researchers noted that victims of the attack were normally from the U.S., India, South Korea, Germany, Ireland, Italy, Norway and the UK. 

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

Trellix has been tracking the campaign under the name OneDrive Pastejacking. 

Recent phishing campaigns have also become common where emails with links to Microsoft Office Forms from compromised legit email addresses are sent asking users to reveal their Microsoft 365 login credentials under the garb of restoring their Outlook mails. 

Related stories

Related Topics

technology (general) / internet / emerging technologies

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.