Skip to main content
  1. Home
  2. Computing
  3. News

New Windows spyware campaign can get you in a click

By

You might want to be a little bit more careful when clicking any attachments sent to you via email, or any files that you’ve downloaded on the web from untrusted websites. That’s because groups with bad intent are spreading the Vidar spyware as part of a new campaign that uses Microsoft Compiled HTML Help files.

Explained by Diana Lopera at the security firm Trustwave, this new spyware campaign involves malicious files that might look otherwise innocent. In this case, hackers and those with bad intent, are currently sending out infected attachments via email, tagged with the “request.doc” filename.

Recommended Videos

The body of the email also draws attention to opening the attachment, too. Yet, the file is truly discussed as an ISO which is also embedded with spoofed Microsoft Compiled HTML Help files and an “app.exe.” executable for the Vidar spyware.

The Vidar Malware files open up
Trustwave

The Microsoft Compiled HTML Help file is a type of file that’s usually intended to share support documentation, so you might be tempted to click then extract it when you open the original request.doc file. But, if you do so, you would be on your way to trouble. When the malicious help file is opened, it also opens up the Vidar spyware executable in the background.

Related

For those unfamiliar, Vidar is a spyware that is known as an information stealer. It can collect credit card information, addresses, and other sensitive data from your system, and across different web browsers. It’s not necessarily new, but this method of distribution is, which is what raised the alarm for the Trustwave security firm.

If you want to stay protected against these types of infections and spyware, it’s always good to make sure your PC is up and running with some sort of antivirus. There are plenty of free options, but Microsoft’s own Security Center in Windows 10 and Windows 11 usually does a good job on its own as its definitions are constantly updated to spot the latest threats.

It is also good practice to never click strange-looking attachments from unknown senders, or from outside your organization, regardless of what is in the body of the email or in the subject line.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
There’s a scary new way to undo Windows security patches
Windows 11 logo on a laptop.

Security patches for Windows are essential for keeping your PC safe from developing threats. But downgrade attacks are a way of sidestepping Microsoft's patches, and a security researcher set out to show just how fatal these can be.

SafeBreach security researcher Alon Leviev mentioned in a company blog post that they'd created something called the Windows Downdate tool as a proof-of concept. The tool crafts persistent and irreversible downgrades on Windows Server systems and Windows 10 and 11 components.

Read more
I really hope this potential change to Windows updates is true
Windows 11 updates are moving to once a year.

Windows updates have always required a restart to your PC, which is a hassle. However, Microsoft may use hot-patching to make it easier for PCs with Windows 11 24H2 to apply updates without having to reboot their computers.

A support page mentioning the change was first spotted by PhantomOcean 3 in a post on X (formerly Twitter) before the software giant took down the page.

Read more
It’s time to say goodbye to the Windows Control Panel
windows 10 control panel

The newer Windows Settings app has been slowly stealing features from the legacy Control Panel for years, and now Microsoft has finally said the obvious out loud -- "the Control Panel is in the process of being deprecated in favor of the Settings app."

First spotted by Neowin, a new Microsoft support page has appeared covering the various system configuration tools in Windows 10 and 11. Not only does this page refer to Settings as "the main application to customize and manage Windows settings," but it also explicitly states that the Control Panel is being deprecated. It doesn't mention any kind of date or timeline, however, which likely means the Control Panel's death will continue to be as slow as it has been up to now.

Read more