New Windows spyware campaign can get you in a click

You might want to be a little bit more careful when clicking any attachments sent to you via email, or any files that you’ve downloaded on the web from untrusted websites. That’s because groups with bad intent are spreading the Vidar spyware as part of a new campaign that uses Microsoft Compiled HTML Help files.

As explained by Diana Lopera at the security firm Trustwave, this new spyware campaign involves malicious files that might otherwise look innocent. In this case, hackers and those with bad intent are currently sending out infected attachments via email, tagged with the “request.doc” filename.

The body of the email also draws attention to opening the attachment. Yet the file is actually an ISO disguised as a document, and it contains spoofed Microsoft Compiled HTML Help files and an “app.exe” executable for the Vidar spyware.

[Image: The Vidar malware files open up. Credit: Trustwave]

The Microsoft Compiled HTML Help file is a type of file that’s usually intended to share support documentation, so you might be tempted to click then extract it when you open the original request.doc file. But, if you do so, you would be on your way to trouble. When the malicious help file is opened, it also opens up the Vidar spyware executable in the background.
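The disguise described above (an ISO image carrying a “.doc” name) can be caught by comparing an attachment's claimed extension with its leading bytes. The following is an added example, not code from the article or from Trustwave; the function names, the signature table and the sample bytes are constructed for illustration.

```python
import os

# Well-known file signatures: (offset, magic bytes, detected type).
# ISO 9660 is checked first because its marker sits at 0x8001, not offset 0.
SIGNATURES = [
    (0x8001, b"CD001", "iso9660"),                      # ISO 9660 volume descriptor
    (0, b"ITSF", "chm"),                                # Compiled HTML Help
    (0, b"MZ", "pe-executable"),                        # Windows .exe / .dll
    (0, b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),   # legacy .doc/.xls/.ppt
    (0, b"PK\x03\x04", "zip"),                          # .docx/.xlsx containers
]

# Content types each claimed extension may legitimately carry (assumed policy).
EXPECTED = {
    ".doc": {"ole2"}, ".docx": {"zip"}, ".iso": {"iso9660"},
    ".chm": {"chm"}, ".exe": {"pe-executable"},
}

def sniff(data: bytes) -> str:
    """Return the detected content type, or 'unknown' if no signature matches."""
    for offset, magic, kind in SIGNATURES:
        if data[offset:offset + len(magic)] == magic:
            return kind
    return "unknown"

def check_attachment(filename: str, data: bytes) -> dict:
    """Compare the extension in the filename with what the bytes really are."""
    ext = os.path.splitext(filename.lower())[1]
    actual = sniff(data)
    allowed = EXPECTED.get(ext)
    if actual == "unknown" or allowed is None:
        verdict = "unrecognized"      # nothing to compare against
    elif actual in allowed:
        verdict = "ok"
    else:
        verdict = "mismatch"          # e.g. an ISO or EXE named like a document
    return {"filename": filename, "claimed": ext,
            "actual": actual, "verdict": verdict}

def build_sample_iso() -> bytes:
    """Constructed sample: empty system area plus a volume descriptor header."""
    return b"\x00" * 0x8000 + b"\x01CD001\x01" + b"\x00" * 64

if __name__ == "__main__":
    print(check_attachment("request.doc", build_sample_iso()))
```

A “mismatch” verdict on an inbound attachment is a reasonable trigger for quarantine or manual review at a mail gateway.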

For those unfamiliar, Vidar is a spyware that is known as an information stealer. It can collect credit card information, addresses, and other sensitive data from your system, and across different web browsers. It’s not necessarily new, but this method of distribution is, which is what raised the alarm for the Trustwave security firm.

If you want to stay protected against these types of infections and spyware, it’s always good to make sure your PC is up and running with some sort of antivirus. There are plenty of free options, but Microsoft’s own Security Center in Windows 10 and Windows 11 usually does a good job on its own as its definitions are constantly updated to spot the latest threats.

It is also good practice to never click strange-looking attachments from unknown senders, or from outside your organization, regardless of what is in the body of the email or in the subject line.

Arif Bacchus
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…