FileHippo News

The latest software and tech news

New cybersecurity threat lurks in Microsoft PowerPoint. Microsoft Office is once again the go-to tool for spreading malicious software, after macro-based Word doc attachments... Zusy Malware Installs By Simply Hovering The Mouse

New cybersecurity threat lurks in Microsoft PowerPoint.

Microsoft Office is once again the go-to tool for spreading malicious software, after macro-based Word doc attachments fell out of favor due to awareness. While those Word doc attachments are certainly making a comeback, a newly discovered threat is relying on PowerPoint to deliver the bad news.

Zusy Malware detected in Microsoft PowerPoint Installs By Simply Hovering The Mouse

Zusy malware does not rely on macros, JavaScript or VBA macros to be enabled.

No click required

What’s different about the Zusy Malware, though, is that you no longer have to click to download and install it. In the past, opening the attachment would prompt you to open or save the file, but the phony message box was really giving you only the option to flood your computer with a virus. Now, the prompt box that appears needs no clicking to install the software; simply hovering your mouse does the trick.

Hypertext trap

According to Tom Spring on ThreatPost, “The malware is novel because it does not rely on macros, JavaScript or VBA macros to be enabled for the dropper file to download the malware payload. Instances of the malware are relatively low, according to researchers who attribute the small infection numbers to the fact that recent versions of Microsoft Office warn users that booby-trapped files could be malicious. Victims must first open the PowerPoint file to become infected; once opened a “Loading
 Please wait” hypertext message appears. If a user hovers over those words it triggers an infection chain that delivers the Zusy malware payload.”

Protection is key

Admittedly, researchers haven’t found too many actual cases of Zusy infecting anyone, but there have still been a few, enough that it warrants public attention and some word of caution from Microsoft. It tends to manifest as spam email attacks that include subject lines about purchase orders and order confirmations, which typically target business customers. More importantly, it’s yet another real-world reminder of the need for strong, up-to-date antivirus protection that blocks threats in real-time rather than simply scanning your computer and removing threats at a later date.

Protect your PC from malware – download the latest security and anti-malware software now â€“ here on FileHippo.