Microsoft and Binance CEO warns crypto users to a hazardous Excel attack: "Don't download files"
Microsoft's security team has unveiled an attack which targets several cryptocurrency exchanges. Moreover, Binance CEO CZ has also warned users about this issue.
Microsoft's security group has unveiled an attack where a noxious hacker targeted several cryptocurrency exchanges. The attacker, DEV-013, acted as an employee of a cryptocurrency exchange to enter Telegram channels. The attackers pretended to talk about trading fees with VIP clients of major exchanges.
“DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members,” Microsoft stated.
The hackers arrangement was to get crypto holders to download an Excel spreadsheet which is named as “OKX Binance & Huobi VIP fee comparision.xls.” The document provides precise information about the fees that various cryptocurrency exchanges charge. However, it also includes a malicious software that insidiously launches an additional Excel instance in invisible mode.
When a victim opens this file and turns on macros, additional Excel instance downloads a DLL file that aims to hijack credentials of the users on crypto exchanges such as Binance, OKX, Huobi and more. Therefore, you should never a download these hazardous Excel files from unknown groups. The Binance CEO CZ also warned crypto users in this following tweet:
Don't download files!
— CZ 🔶 Binance (@cz_binance) December 7, 2022
Compromised friends may send a weaponized Excel file with the name "exchange fee comparision.xls". It contains malicious code, encoded backdoor and etc.
Hackers target the cryptocurrency industry - Microsoft Security Blog https://t.co/62F1Yh4u5u
