How to Hide DDE Based Attacks in MS Word

In our previous article, we learned how to take advantage of a feature, Dynamic Data Exchange (DDE), to run malicious code when a MS Word document is opened. The biggest challenge of this attack is that it requires getting the user to agree to a pop-up prompt. Fortunately, since I posted that article, many new obfuscation techniques have been discovered to make this easier. Today we explore and combine some of them to make the ultimate hidden DDE attack. If you haven't already read the last article, we explored how to abuse Windows DDE. In simple terms, DDE both executes an application and... more