Skip to main content
  1. Home
  2. Computing
  3. News

New Windows spyware campaign can get you in a click

By

You might want to be a little bit more careful when clicking any attachments sent to you via email, or any files that you’ve downloaded on the web from untrusted websites. That’s because groups with bad intent are spreading the Vidar spyware as part of a new campaign that uses Microsoft Compiled HTML Help files.

Explained by Diana Lopera at the security firm Trustwave, this new spyware campaign involves malicious files that might look otherwise innocent. In this case, hackers and those with bad intent, are currently sending out infected attachments via email, tagged with the “request.doc” filename.

Recommended Videos

The body of the email also draws attention to opening the attachment, too. Yet, the file is truly discussed as an ISO which is also embedded with spoofed Microsoft Compiled HTML Help files and an “app.exe.” executable for the Vidar spyware.

The Vidar Malware files open up
Trustwave

The Microsoft Compiled HTML Help file is a type of file that’s usually intended to share support documentation, so you might be tempted to click then extract it when you open the original request.doc file. But, if you do so, you would be on your way to trouble. When the malicious help file is opened, it also opens up the Vidar spyware executable in the background.

For those unfamiliar, Vidar is a spyware that is known as an information stealer. It can collect credit card information, addresses, and other sensitive data from your system, and across different web browsers. It’s not necessarily new, but this method of distribution is, which is what raised the alarm for the Trustwave security firm.

If you want to stay protected against these types of infections and spyware, it’s always good to make sure your PC is up and running with some sort of antivirus. There are plenty of free options, but Microsoft’s own Security Center in Windows 10 and Windows 11 usually does a good job on its own as its definitions are constantly updated to spot the latest threats.

It is also good practice to never click strange-looking attachments from unknown senders, or from outside your organization, regardless of what is in the body of the email or in the subject line.

Editors’ Recommendations

Topics
Arif Bacchus
Arif Bacchus
Former Digital Trends Contributor
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Microsoft backs off on pressuring Windows 10 users to upgrade
Windows 11 and Windows 10 operating system logos are displayed on laptop screens.

Microsoft has announced that it will ease up the aggressive add tactic to get Windows 10 users to upgrade to Windows 11 after receiving negative backlash from users, as Windows Latest reports. There is no official word on whether stopping the full-screen multipage popups is permanent, but a plan to “share a new timeline in the coming months” was mentioned.

Windows 10 Home users saw these ads, but some Pro and Business users also saw them after rebooting their computers. Regardless of who saw them, the ads’ pause comes as the Windows 10 end-of-life date, October 14, 2025, approaches.

Read more
Windows 11 is losing in gaming performance
The Ryzen 9 9950X between someone's fingertips.

AMD’s newly launched Ryzen 9000 series desktop CPUs are finally available for purchase, and recent performance comparisons suggest that these CPUs perform better on Linux than Windows 11, particularly in gaming scenarios.

A detailed analysis done by PC Games Hardware has shown that when it comes to gaming, Linux outshines Windows 11 on Ryzen 9000 series CPUs. Tests using popular Linux distributions like Nobara, which are optimized for gaming, demonstrate higher frame rates and smoother gameplay compared to the same setups running Windows 11.

Read more
The next Windows 11 update may seriously slow down your SSD
Windows 11 logo on a laptop.

Microsoft may be rolling out a new feature as part of the latest Windows 11 update that will boost security but slow down SSD performance. We're talking about BitLocker, of course, a device encryption feature that will be turned on by default as part of the upcoming 24H2 update.

In the past, BitLocker encryption was available only on Windows Pro editions, but the new update lowers the eligibility criteria, extending encryption capabilities to a broader range of devices.

Read more