Cybercriminals have traditionally utilised Microsoft documents to spread malware, and they continuously test out new distribution methods. As defenders, the researchers at Trustwave SpiderLabs are constantly on the lookout for novel or peculiar file types. Through this continuing investigation, we discovered threat actors exploiting a OneNote document to spread Formbook malware.
Formbook is an information-stealing trojan sold under a malware-as-a-service model since the middle of 2016. It can steal data from different web browsers and other programmes, and it can also capture screenshots and log keystrokes.