A new campaign has been discovered by security researchers Phishing uses specially generated CSV text files to infect users’ devices with malware BazarBackdoor.
CSVs are files that contain columns of text that are separated by commas. In many cases, the first line of text is the header or description for each column.
Using CSV files is a popular method of extracting data from applications, which can then be imported into other programs as a data source, be it Excel, database, password managers, or billing software.
Since a CSV is just text without executable code, many people consider these types of files to be harmless and may not be so careful.
However, Microsoft Excel supports a feature called Dynamic Data Exchange (DDE), which can be used to execute commands whose output is imported into open spreadsheet, including CSV files.