Threat Actors Exploit Microsoft OneNote for Malware Delivery via Phishing Attacks

Threat Level – Red | Vulnerability Report
Download PDF

Cybercriminals are using Microsoft OneNote’s ability to embed files to deliver malware to users via social engineering techniques. OneNote allows users to organize information and insert files such as images, documents, and executables. However, attackers can steal data or install ransomware on their systems once users click on the embedded code. A recent campaign involved a malicious OneNote document-delivering Formbook, and there has been a notable spike in emails utilizing malicious OneNote attachments with notorious malware strains also shifting to this delivery mechanism.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox