{"id":156852,"date":"2023-02-02T19:23:41","date_gmt":"2023-02-03T01:23:41","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2023\/02\/hackers-weaponize-microsoft-visual-studio-add-ins-to-push-malware"},"modified":"2023-02-02T19:23:41","modified_gmt":"2023-02-03T01:23:41","slug":"hackers-weaponize-microsoft-visual-studio-add-ins-to-push-malware","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2023\/02\/hackers-weaponize-microsoft-visual-studio-add-ins-to-push-malware","title":{"rendered":"Hackers weaponize Microsoft Visual Studio add-ins to push malware"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-weaponize-microsoft-visual-studio-add-ins-to-push-malware.jpg\"><\/a><\/p>\n<p>Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as method to achieve persistence and execute code on a target machine via malicious Office add-ins.<\/p>\n<p>The technique is an alternative to sneaking into documents VBA macros that fetch malware from an external source.<\/p>\n<p>Since Microsoft announced it would <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/as-microsoft-blocks-office-macros-hackers-find-new-attack-vectors\/\" target=\"_blank\">block the execution<\/a> of VBA and XL4 macros in Office by default, threat actors moved to archives (.ZIP,.ISO) and. LNK shortcut files to distribute their malware.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as method to achieve persistence and execute code on a target machine via malicious Office add-ins. The technique is an alternative to sneaking into documents VBA macros that fetch malware from an external source. Since Microsoft announced it [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-156852","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156852","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=156852"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/156852\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=156852"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=156852"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=156852"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}