How a Word document can put your data at risk?

hacker story
hacker story

Last updated: January 1, 2023

Weird bill by email? Please don't click. Hackers have found a new method to bypass your vigilance.

Today we discovered Locky, a new ransomware which will lodge itself directly in a Word file and which could do great damage to your computer.

To recall, a ransomware is malicious software whose objective is to hold your data hostage in exchange for a ransom. To do this, ransomware encrypts your personal data (Word, PDF, Excel, JPG, etc.). Then the hackers asks you to pay in exchange for the encryption key.

How does it work ? In the case of locky, the hacker sends you an email with a Word or XLS file attached.

These DOC or XLS files use a piece of Visual Basic code called “Drixed”. This “script” then allows you to load all kinds of crap into your PC: to take control of your PC.

Like most malware, it requires human manipulation (social engineering) so that it can be installed on a computer. It is generally by email where the hacker explains to you that an invoice has been sent to you. And you will find all the information in the attached file.

example-mail-ransmoware-word
Example email containing Ransomware Source: Gamerz

If unfortunately you have opened the Word or Excel document, it's too late. The Malware quickly installs and encrypts your documents. And when you try to open its files, a web page explains how to pay the ransom. Often, they offer to pay between $500 and $1.000 in Bitcoins using the Tor network.

The best way to protect yourself is not to open this type of attachment, especially from unknown senders and make backups valid and regular important files.