Microsoft Office Docs New Vessel for Loki Malware

A new attack has been identified that delivers Loki malware through malicious “scriptlets” in Microsoft Office applications. These “scriptlets, which utilize external links embedded in the documents, often bypass traditional antivirus because they show no evidence of shellcode, macros, or DDE functionality. Loki is a type of malware designed to steal usernames and passwords from email clients, browsers, FTP clients, and file management software. This attack exploits a vulnerability that was patched in April and updated in September of 2017. Banks should always ensure critical security vulnerabilities are patched as promptly as possible to protect against threats such as this. 

Relevant URL(s): https://www.darkreading.com/attacks-breaches/microsoft-office-docs-new-vessel-for-loki-malware/d/d-id/1330678