Attackers are currently trying to exploit an old vulnerability in Microsoft Outlook that was found in 2017 (CVE-2017-11774).
The flaw was discovered by SensePost, which reported the vulnerability to Microsoft in 2017. As a result, Microsoft released a patch for the vulnerability to the public around October 2017.
According to the Department of Homeland Security Cybersecurity and Infrastructure Security Agency:
This can be a way for the attacker to install malware on the victims’ network.
How does the malware work?
The vulnerability allows the attacker to install and run malware inside the Outlook sandbox, from where the attacker can also run other malicious code on the underlying operating system.
According to SensePost's analysis, the only remedy for this vulnerability is to patch the system. Security practices that strengthen the defense are also advisable, such as adding multi-factor authentication as a line of defense.
In 2018, the vulnerability was reported as being exploited by APT33 (Iranian hackers) despite the patch released in October 2017. Unpatched systems still exist, however, and the attackers took advantage of them by exploiting the bug to run commands on the victims’ systems.
To exploit the flaw, the attacker uses brute-force attacks that take advantage of weak passwords, targeting multiple accounts at the same time.
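An added example (not from the original article, SensePost or DHS): a minimal detector for the pattern described above, where one source fails logins against many different accounts within a short window. The event tuple layout, the thresholds and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of failed-login events: (ISO timestamp, source IP, account).
# The field layout is an assumption; adapt the parsing to your own mail/identity logs.
SAMPLE_FAILURES = [
    ("2024-01-15T09:00:05", "198.51.100.7", "alice"),
    ("2024-01-15T09:00:09", "198.51.100.7", "bob"),
    ("2024-01-15T09:00:14", "198.51.100.7", "carol"),
    ("2024-01-15T09:00:20", "198.51.100.7", "dave"),
    ("2024-01-15T09:00:27", "198.51.100.7", "erin"),
    ("2024-01-15T09:01:00", "203.0.113.20", "frank"),  # one user mistyping
    ("2024-01-15T09:01:10", "203.0.113.20", "frank"),
    ("2024-01-15T09:01:20", "203.0.113.20", "frank"),
    ("2024-01-15T11:30:00", "198.51.100.7", "grace"),  # outside the window
]


def detect_spray(failures, window=timedelta(minutes=10), min_accounts=5):
    """Return {source_ip: sorted accounts} for sources that failed logins
    against at least `min_accounts` distinct accounts within `window`."""
    by_source = defaultdict(list)
    for ts, src, account in failures:
        by_source[src].append((datetime.fromisoformat(ts), account))

    flagged = {}
    for src, events in by_source.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Advance the window start until the span fits inside `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            accounts = {acct for _, acct in events[start:end + 1]}
            if len(accounts) >= min_accounts:
                flagged.setdefault(src, set()).update(accounts)
    return {src: sorted(accts) for src, accts in flagged.items()}


if __name__ == "__main__":
    for src, accounts in detect_spray(SAMPLE_FAILURES).items():
        print(f"possible password spray from {src}: {', '.join(accounts)}")
```

Counting distinct accounts per source, rather than failures per account, is what separates this pattern from a single user mistyping a password, which per-account lockout thresholds alone do not catch.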
Previously, in June, DHS warned that Iranian hackers are targeting US networks with wiper malware. This will affect the relationship between the two countries, raising tensions.