Hackers are now spreading malware using Microsoft OneNote attachments in phishing emails, infecting victims using remote access malware that can be used to install additional malware, steal passwords, or even cryptocurrency wallets.
For years, attackers have distributed malware in emails via malicious Word and Excel attachments that launch macros to download and install malware, reports Bleeping Computer.
However, in July last year, Microsoft disabled macros by default in Office documents, rendering this method untrustworthy for malware distribution.
Microsoft OneNote is a free desktop digital notebook application that comes with unauthorised access to and use of customer accounts,” Microsoft told The Register.
