
New Windows spyware campaign can get you in a click

You might want to be a little bit more careful when clicking any attachments sent to you via email, or any files that you’ve downloaded on the web from untrusted websites. That’s because groups with bad intent are spreading the Vidar spyware as part of a new campaign that uses Microsoft Compiled HTML Help files.

As explained by Diana Lopera at the security firm Trustwave, this new spyware campaign involves malicious files that might otherwise look innocent. In this case, hackers and those with bad intent are currently sending out infected attachments via email, tagged with the “request.doc” filename.

The body of the email also urges the recipient to open the attachment. Yet the file is really an ISO disguised as a document, and it contains spoofed Microsoft Compiled HTML Help files and an “app.exe” executable for the Vidar spyware.


The Microsoft Compiled HTML Help file is a type of file that’s usually intended to share support documentation, so you might be tempted to click and extract it when you open the original request.doc file. But if you do so, you would be on your way to trouble. When the malicious help file is opened, it also launches the Vidar spyware executable in the background.
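The mismatch described above, an attachment named request.doc whose content is an ISO image, can be caught by checking magic bytes against the file extension. The following is an added example, not code from Trustwave or this article; the function names, the extension table, and the sample bytes are constructed for illustration.

```python
import os

OLE2 = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy Office (.doc/.xls) container

# Content types considered acceptable for each attachment extension
# (illustrative table, extend for your own mail policy).
EXPECTED = {
    ".doc": {"ole2"},
    ".docx": {"zip"},
    ".iso": {"iso9660"},
    ".chm": {"chm"},
    ".exe": {"pe"},
}

def sniff_type(data: bytes) -> str:
    """Identify a file by its magic bytes instead of its name."""
    if data[:8] == OLE2:
        return "ole2"
    if data[:4] == b"PK\x03\x04":
        return "zip"
    if data[:4] == b"ITSF":          # Compiled HTML Help header
        return "chm"
    if data[:2] == b"MZ":            # Windows executable
        return "pe"
    # ISO 9660: volume descriptor at sector 16 (0x8000), identifier "CD001" at +1
    if data[0x8001:0x8006] == b"CD001":
        return "iso9660"
    return "unknown"

def check_attachment(filename: str, data: bytes):
    """Return a finding string if extension and content disagree, else None."""
    ext = os.path.splitext(filename.lower())[1]
    actual = sniff_type(data)
    expected = EXPECTED.get(ext)
    if expected is None or actual in expected:
        return None
    return f"{filename}: extension {ext} but content is {actual}"

# Constructed samples (not real malware): an empty image carrying only the
# ISO 9660 marker, and a buffer starting with a genuine OLE2 header.
FAKE_DOC = bytearray(0x8800)
FAKE_DOC[0x8001:0x8006] = b"CD001"
REAL_DOC = OLE2 + bytes(504)

if __name__ == "__main__":
    for name, blob in [("request.doc", bytes(FAKE_DOC)), ("report.doc", REAL_DOC)]:
        print(check_attachment(name, blob) or f"{name}: ok")
```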

For those unfamiliar, Vidar is a spyware that is known as an information stealer. It can collect credit card information, addresses, and other sensitive data from your system, and across different web browsers. It’s not necessarily new, but this method of distribution is, which is what raised the alarm for the Trustwave security firm.

If you want to stay protected against these types of infections and spyware, it’s always good to make sure your PC is up and running with some sort of antivirus. There are plenty of free options, but Microsoft’s own Security Center in Windows 10 and Windows 11 usually does a good job on its own as its definitions are constantly updated to spot the latest threats.

It is also good practice to never click strange-looking attachments from unknown senders, or from outside your organization, regardless of what is in the body of the email or in the subject line.


Arif Bacchus