Now, here’s where the victim gets roped in – they gotta manually click “Enable Content” in the DOCX file. Sneaky, right? The redacted.dotm document then drops a new file and cracks it open, making it look all legit to the poor victim. Act one, spotted back in September of last year, was all about mapping out the directories on the target’s turf. Act two, which went down in July this year, was the grand finale – data theft success.
Hacker work front of his laptop computer with dark face.
