Leave a comment

Do you use Outlook? This hacking attack can steal all your email passwords

Do you use Outlook? This hacking attack can steal all your email passwords
GongTo / Shutterstock.com

Cybersecurity researchers have discovered malware that can infect organizations using Microsoft's Outlook mail server and collect email passwords via the attack. It works by placing a malicious DLL file on the Outlook Web Application (OWA) mail server.

An unnamed company contacted the security firm Cybereason after becoming suspicious about an infection, according to Ars Technica. Cybereason found the malicious DLL file and discovered it had a backdoor that allowed passwords to be stolen any time a user logged on - and this company had 19,000 points of access! This type of malware is called an advanced persistent threat, because it can be deployed for months or years at a time.

Most individual users of Outlook don't need to worry about this attack - it's specific to organizations that use the OWA server for their email. For companies or organizations that do use the OWA server, Ars Technica warns that OWA is attractive to hackers because it connects the public Internet with resources inside organizations' firewalls.

Cybereason didn't report any discoveries other than the one attack, but it's expected to be seen again with other large organizations. To learn how to keep yourself safe from malware, phishing schemes and more, visit our Komando.com Security Center, and for the latest news on hacks and cyberthreats, check back to our Happening Now page often.

Next Story
Source: Ars Technica
Payment cards hacked at Trump hotels
Previous Happening Now

Payment cards hacked at Trump hotels

Android Marshmallow is out now. Here's the awesome feature that will make you want to get it
Next Happening Now

Android Marshmallow is out now. Here's the awesome feature that will make you want to get it

View Comments ()