Skip to main content
  1. Home
  2. Computing
  3. News

New Windows spyware campaign can get you in a click

By

You might want to be a little bit more careful when clicking any attachments sent to you via email, or any files that you’ve downloaded on the web from untrusted websites. That’s because groups with bad intent are spreading the Vidar spyware as part of a new campaign that uses Microsoft Compiled HTML Help files.

Explained by Diana Lopera at the security firm Trustwave, this new spyware campaign involves malicious files that might look otherwise innocent. In this case, hackers and those with bad intent, are currently sending out infected attachments via email, tagged with the “request.doc” filename.

Recommended Videos

The body of the email also draws attention to opening the attachment, too. Yet, the file is truly discussed as an ISO which is also embedded with spoofed Microsoft Compiled HTML Help files and an “app.exe.” executable for the Vidar spyware.

The Vidar Malware files open up
Trustwave

The Microsoft Compiled HTML Help file is a type of file that’s usually intended to share support documentation, so you might be tempted to click then extract it when you open the original request.doc file. But, if you do so, you would be on your way to trouble. When the malicious help file is opened, it also opens up the Vidar spyware executable in the background.

For those unfamiliar, Vidar is a spyware that is known as an information stealer. It can collect credit card information, addresses, and other sensitive data from your system, and across different web browsers. It’s not necessarily new, but this method of distribution is, which is what raised the alarm for the Trustwave security firm.

If you want to stay protected against these types of infections and spyware, it’s always good to make sure your PC is up and running with some sort of antivirus. There are plenty of free options, but Microsoft’s own Security Center in Windows 10 and Windows 11 usually does a good job on its own as its definitions are constantly updated to spot the latest threats.

It is also good practice to never click strange-looking attachments from unknown senders, or from outside your organization, regardless of what is in the body of the email or in the subject line.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Microsoft just kicked off a new era of PCs with Copilot+
Microsoft CEO Satya Nadella announces updates to the company's Copilot artificial intelligence (AI) tool.

Microsoft is introducing an entirely new category of PCs, and they're all centered around Copilot+. Amid bold claims of AI PCs from industry leaders like Intel, AMD, and Nvidia, Microsoft is kicking off the era of the AI PC with a new set of hardware requirements and software features that allow your PC to go beyond an AI chatbot.

The idea behind Copilot+ isn't to have a few AI features. Instead, the dedicated Neural Processing Unit (NPU) on a Copilot+ PC will run several language models in the background of Windows 11 -- all the time. The models will scan you through everything you do on your PC to provide context when you want to prompt Copilot properly. Microsoft calls the feature Recall and says it's like a "sensor for AI."

Read more
If you use a VPN, don’t skip this important Windows 11 update
Microsoft Surface Laptop Go 3 rear view showing lid and logo.

It's not you; Windows is causing the issues this time. If the VPN on your Windows 11 or Windows 10 computer is having a hard time connecting, it is likely because of Microsoft's April security updates for Windows 11 (KB5036893 for) and Windows 10 (KB5036892), which have been reported to be the cause of the problems.

But there's good news. According to Microsoft, a patch is now available to fix the VPN problems users are experiencing.

Read more
A massive Windows 11 AI feature may launch next week despite privacy concerns
Privacy settings in Windows 11.

Windows 11 continues to build a large toolset of AI features, but the one rumored to soon launch may be the biggest change yet -- especially when it comes to your PC's privacy. Windows Latest reports that in Build 26212, the Windows 11 AI integration is named RecallĀ and can be found on the Privacy & Security page in settings (via Albacore on X).

The concern is due to its privacy toggle. According to the latest build, you can record everything on your screen to help you better find something you were working on or searching for. The positive side is that it can help you find the report you edited when you can't remember where you saved it by accessing the timeline interface. It will also help users with their browsing history. For example, if you searched for how to use WhatsApp Web, but can't remember which browser you used or what site the information was on, AI Explorer (or Recall, as it may be named) can find the information for you.

Read more