Mouse hovering malware delivery scheme spotted, called potentially very dangerous

Cybercriminals have started using a new technique to infect computers that requires only that a victim place their cursor over a malicious hyperlink for the malware to be injected.

The new technique was noticed by several cybersecurity researchers – with dodgethissecurity doing an extensive analysis. The information security blog reported that an attack begins with the target receiving an email containing an attached PowerPoint document.

“This PowerPoint document was interesting to analyze,” the researcher said. “First of all, this document was interesting as it did not rely on macros, JavaScript or VBA for the execution method. Which means this document does not conform to the normal exploitation methods.”

When the presentation is opened, the target sees a “Loading….Please Wait” message. As with many hyperlinks, this text appears blue. When the victim follows their natural inclination to hover their cursor over the “hyperlink” to check where it links, the document executes a PowerShell command.
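Because the trigger is a hover action rather than a macro, macro-focused attachment checks will not see it. The following triage sketch is an added example, not code from the article or from the researcher: it assumes the hover trigger is stored as the standard Office Open XML `a:hlinkMouseOver` element with a `ppaction://program` action (the article does not name the element), and it runs against a constructed minimal package.

```python
import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET  # stdlib for portability; prefer defusedxml on untrusted files

OOX = "http://schemas.openxmlformats.org"
A = OOX + "/drawingml/2006/main"
P = OOX + "/presentationml/2006/main"
R = OOX + "/officeDocument/2006/relationships"
PKG = OOX + "/package/2006/relationships"

def find_hover_actions(pptx_bytes):
    """Return one finding per mouse-over action on any slide in the package."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(pptx_bytes)) as z:
        names = set(z.namelist())
        for name in sorted(n for n in names
                           if n.startswith("ppt/slides/") and n.endswith(".xml")):
            # The slide's relationship part maps r:id values to their targets.
            rels_name = posixpath.join(posixpath.dirname(name), "_rels",
                                       posixpath.basename(name) + ".rels")
            rels = {}
            if rels_name in names:
                for rel in ET.fromstring(z.read(rels_name)).iter(f"{{{PKG}}}Relationship"):
                    rels[rel.get("Id")] = (rel.get("Target"), rel.get("TargetMode"))
            for el in ET.fromstring(z.read(name)).iter(f"{{{A}}}hlinkMouseOver"):
                target, mode = rels.get(el.get(f"{{{R}}}id"), (None, None))
                action = el.get("action", "")
                findings.append({
                    "slide": name, "action": action, "target": target,
                    # A hover that starts a program or leaves the package needs review.
                    "suspicious": action.startswith("ppaction://program") or mode == "External",
                })
    return findings

def build_sample():
    """Constructed minimal package (not a full presentation): slide1 hover, slide2 click."""
    def slide(tag, attrs):
        return f'<p:sld xmlns:p="{P}" xmlns:a="{A}" xmlns:r="{R}"><a:rPr><a:{tag} {attrs}/></a:rPr></p:sld>'
    def rels(target):
        return (f'<Relationships xmlns="{PKG}"><Relationship Id="rId2" Type="{R}/hyperlink" '
                f'Target="{target}" TargetMode="External"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("ppt/slides/slide1.xml", slide("hlinkMouseOver", 'r:id="rId2" action="ppaction://program"'))
        z.writestr("ppt/slides/_rels/slide1.xml.rels", rels("powershell.exe"))
        z.writestr("ppt/slides/slide2.xml", slide("hlinkClick", 'r:id="rId2"'))
        z.writestr("ppt/slides/_rels/slide2.xml.rels", rels("https://example.com/"))
    return buf.getvalue()
```

Calling `find_hover_actions(build_sample())` reports only the hover action on slide 1; the ordinary click hyperlink on slide 2 is ignored.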


