"DANGEROUS"
Today we'll talk about how Microsoft Word is infected and why you shouldn't open unverified documents, pdf, etc.
Viruses, tracking, refs - these are exactly the things that integrate well into Word. Usually, people do not check documents for vulnerabilities, and antiviruses do not sound the alarm, so attackers are actively using this. We, in turn, will not embed a specific virus, but simply consider this method using the IP logger as an example (a program for demonstrating the IP)
- Create a new Word document> Go to the "Insert" tab> the "Internet video integration" item.
- Select YouTube> to write the desired channel name and select the video. This video is in the file (you can choose any other site, not necessarily YouTube)
- Save and close the document> run WinRAR> find our document.
- Click on the document and its internal content opens> open the word folder> see the document.xml file
- Drag it to the desktop and open it through notepad> find in it a link to our video and replace it with the IP logger link (https://iplogger.ru/)
- Save and return to WinRar.
All. Now if you open this Word document, the video will remain there. Even if you hover the cursor, a link to the video will be displayed, and not to the IP logger. After a person tries to watch the video, we will instantly receive his coordinates and IP address.
Such manipulations in Word can be done with absolutely anything, so there is only one conclusion - check everything and always!