HomeWinBuzzer NewsResearchers Confirm Microsoft Office 365 Malware Campaign That Targets Browsers

Researchers Confirm Microsoft Office 365 Malware Campaign That Targets Browsers

A new browser campaign fools users into believing they are accessing a legitimate Office 365 website before installing a TrickBot Trojan on their system.


users have been warned about a new malware attack that is designed to exploit through a TrickBot password-stealing Trojan. Bad actors are attempting to infect devices with malicious content via a fake Office 365 page designed to look like an official Microsoft portal.

MalwareHunterTeam spotted the attack. The researchers say the fake webpage will look like a legitimate Office 365 page to users. In fact, the attackers have included details such as links that do point to official Microsoft domains.

When a user clicks one of these links, a pop-up windows appears that has been designed for different browsers. It issues a fake browser update alert, recommending users download the update. It seems Chrome and Mozilla Firefox are the targets.

“You are using an older version of the browser Chrome,” the message reads. Again, legitimacy is the key to confusing users. The attackers have labelled the pop-up “Chrome Update Center” or “Firefox Update Center”. Unwitting users would assume these are the genuine update services for those browsers.


If the user opts to download the fake update, they will unknowingly receive a TrickBot Trojan that is designed to find stored passwords on a machine. It can also track and record autofill data on browsers, as well as monitor browsing history.

Furthermore, the Trojan can generate a list of programs installed on the device, including Windows programs. Information acquired by the Trojan is sent to a server. In most cases the malware will act undetected by installing to the Windows svchost.exe.

It is worth noting that anti-virus software should be able to find, stop, and delete this attack. Users are recommended to update their anti-virus software to newest build. If a device is already infected, the anti-virus software should be able to find the Trojan and handle it. This includes Microsoft's own tool.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News