Phishing in the Windows calculator?

By Valentina Tuta

Phishing in the Windows calculator? You read that right. In recent years Microsoft has invested both effort and budget to make its tools powerful virus and malware detectors, even if it does not have the best antivirus of all, yet hackers have become increasingly creative and are once again causing headaches for the company.

Although Windows has strengthened the security of its devices, malware developers keep working on new strategies to infect our computers and get hold of our personal information, banking data in particular. This time they hide their programs behind the integrated calculator of Windows 7.

Unfortunately, the new approach is to trick the user into downloading an ISO disk image disguised as a PDF or other file type. The image contains a shortcut that opens an embedded copy of the Calculator application, which unwittingly gives hackers access to the software on our modern computers, as reported by Bleeping Computer.

But you’re probably wondering how this is possible and why an outdated version of the calculator is used. This version of the application uses dynamic link libraries (DLLs) in its own folder if they are present, instead of always using the libraries in the Windows system folder. Opening the calculator therefore does not trigger any alarm on the system, probably because it is signed by Microsoft, yet it still loads an infected library named “WindowsCodecs.dll” that ships alongside it.
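For defenders, the pattern described above can be checked in a file listing. The following is an added example, not code from the article or from Microsoft: it flags folders outside the Windows system directories where a copy of calc.exe sits next to a WindowsCodecs.dll. The function names, the system directory list and the sample paths are assumptions made for illustration.

```python
import ntpath
from collections import defaultdict

# Assumption: folders where Windows keeps its own calc.exe and WindowsCodecs.dll.
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64")
# Names from the article: the signed host program and the planted library.
HOST_EXES = {"calc.exe"}
SYSTEM_DLLS = {"windowscodecs.dll"}


def in_system_dir(folder):
    folder = ntpath.normpath(folder).lower()
    return any(folder == d or folder.startswith(d + "\\") for d in SYSTEM_DIRS)


def find_sideload_candidates(paths):
    """Flag folders outside the system directories that hold a host executable
    next to a DLL carrying a system library's name."""
    by_folder = defaultdict(set)
    for p in paths:
        folder, name = ntpath.split(ntpath.normpath(p))
        by_folder[folder.lower()].add(name.lower())

    findings = []
    for folder, names in sorted(by_folder.items()):
        if in_system_dir(folder):
            continue  # the legitimate copies live here
        exes, dlls = sorted(names & HOST_EXES), sorted(names & SYSTEM_DLLS)
        if exes and dlls:
            # A shortcut in the same folder matches the lure the article describes.
            lnk = sorted(n for n in names if n.endswith(".lnk"))
            findings.append({"folder": folder, "exe": exes, "dll": dlls, "shortcut": lnk})
    return findings


# Constructed sample listing; E:\ stands in for a mounted ISO image.
SAMPLE = [
    r"C:\Windows\System32\calc.exe",
    r"C:\Windows\System32\WindowsCodecs.dll",
    r"E:\Report.lnk",
    r"E:\calc.exe",
    r"E:\WindowsCodecs.dll",
    r"D:\Tools\calc.exe",  # a lone copy with no DLL beside it is not flagged
]

if __name__ == "__main__":
    for finding in find_sideload_candidates(SAMPLE):
        print(finding)
```

A hit is a lead for review, not proof of infection; the DLL still has to be examined.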

The reason the most modern versions are not vulnerable to this kind of fraud is that they do not have the ability to change DLL files. Very little is known so far about this type of information theft, and Microsoft has not made any further statements about it, so it is not known whether Defender has been updated to correctly recognize this type of attack.

In the meantime, the best thing to do while the company corrects this error is to browse with caution. We recommend that you not download files from unknown websites and that you avoid, at any cost, downloading documents, folders or files you receive by email from people you do not know. Finally, if you do not have Microsoft Defender, get a reliable antivirus so that your data is not left unprotected at any time.
