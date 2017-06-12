Trend Micro has detailed a type of malware which can download to a PC without a user clicking on it.

The malware downloader is triggered when a user hovers their mouse pointer over a hyperlink in a carrier PowerPoint file.

A banking trojan is then downloaded to the victim’s PC.

The PowerPoint file is typically sent via email to a victim, with companies and organisations in Europe and MEA recently targeted. The emails normally contain the subject lines “Invoice” or “Order No.”.

The report stated that the file has a hyperlink in its centre that when hovered over, executes a malicious PowerShell script.

Newer versions of Office require the user to approve the download, as shown in the screenshot below.

