Security Snapshot is now part of SurgeONE.ai Same experts, even more power.
< BACK TO BLOG

LokiBot Information Stealer Targets Unpatched versions of Microsoft Word

July 17, 2023

Security researchers at FortiGuard Labs report active malware campaigns looking to capitalize on two, older vulnerabilities in Microsoft Word to spread LokiBot malware.  The malware is an information-stealing Trojan active since 2015 and aims to gather sensitive information from infected machines.

The two vulnerabilities being targeted are CVE-2021-40444 and CVE-2022-30190, patched by Microsoft 9/14/21 and 5/30/22 respectively.

If you try and open the file, the following prompt is displayed to entice you into enabling editing

Takeaways:

  • Users should exercise caution when dealing with any Office documents or unknown files
  • Users need to be vigilant and avoid clicking on suspicious links or opening attachments from untrusted sources
  • Keeping software up to date with the latest security patches can help mitigate the risk of exploitation

Source: FortiGuard Labs

Need Help Now?
sales@surgeone.ai
+1 650-294-8889
How it WorksOur ProcessPricing Options
What Our Clients SayWho We ServeCyber Bites
About usPrivacy policyContact Us
© Security Snapshot.
Privacy Policy | Master Services Agreement