Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cybersecurity experts have detected a malware campaign using Google Sheets as a command mechanism. The malicious program, dubbed Voldemort, masquerades as PDF files linked to Google AMP Cache URLs from counterfeit tax authority emails. If activated, the malware gathers system data while appearing benign, deceiving the user while downloading a ZIP file containing the backdoor to command and control. The targets include various international sectors like insurance, aerospace, healthcare, and others, with around 20,000 emails sent as part of the campaign. The hackers’ intentions remain unknown.