Microsoft discovers hackers using malicious Excel files to attack cryptocurrency companies

share
Microsoft discovers hackers using malicious Excel files to attack cryptocurrency companies

Microsoft recently released a cybersecurity report identifying attackers labeled as DEV-0139, who targeted cryptocurrency investment companies through Telegram chat groups. Once gaining the trust of community members, the attackers would send a file named "OKX Binance & Huobi VIP fee comparison.xls," which, despite containing accurate information, also harbored malicious code aimed at obtaining user data.

Table of Contents

Microsoft recently released a security investigation indicating that attackers identified as DEV-0139 are targeting cryptocurrency investment companies through Telegram chat groups. Once gaining the trust of community members, the attackers send a file named "OKX Binance & Huobi VIP fee comparison.xls," which, despite containing accurate information, also carries malicious code to obtain user data.

Attack process:

Real account on the left, fake account on the right:

Malicious information in the Excel file: