Microsoft is sending users who search for Office 2019 download links via its Bing search engine to a website that teaches them the basics about pirating the company's Office suite.
This happens every time users search for the term "office 2019 download" on Bing. The result is a Bing search card (highlighted search results) that links to a piracy tutorial.
The linked website --crackfullpc.com-- is a step-by-step guide, advising readers on how to obtain and install a "cracked" version of Office 2019.
The steps walk users through downloading and installing uTorrent, a well-known application for downloading torrent files. The site then tells users to download and run a torrent file that will download the pirated version of Office 2019 onto their computer, and then walks the user through installing the pirated version by applying a crack file.
At the time of writing, the links for downloading the torrent for the pirated Office 2019 version are down. The domain for the website where these files are located --dinthatharronhad.info-- doesn't show up as malicious based on a VirusTotal scan.
The links don't point to a file per se, but to a search query on another site, most likely part of some sort of affiliate scheme. Since the website is down, we can't tell whether the pirated version of Office 2019 that users might have downloaded from this site in the past is malicious, but chances are that it is.
Earlier this year, the top ad in Bing for the search term "Google Chrome" redirected users to a fake Google Chrome download page that served a trojanized version of the browser.
Today's Bing card recommendation leading to the piracy tutorial was spotted by Dutch security researcher Jeroen Frijters, who posted his findings on Twitter.
The tweet got quite some traction, and Microsoft's staff is expected to intervene and clean up Bing's search results in the coming hours, just like they did the last time with the tainted Google Chrome download ad, which also went viral on Twitter before being taken down.