A New Malware Discovery Shocks Security Teams

A powerful new malware has been discovered, and it is already raising alarms across NATO-based countries. The malware is called “NotDoor”, and experts say it has been linked to the Russia-backed threat group known as APT28.

What makes this malware alarming is the way it hides itself inside Microsoft Outlook, one of the most widely used email applications in the world. Outlook is trusted by millions of businesses and workers, making it the perfect target for attackers.

NotDoor works by installing itself as a VBA macro inside Outlook. Instead of showing signs of infection like many viruses do, this one stays hidden. It silently watches incoming emails and waits for a specific secret trigger word to appear. Once it detects that trigger word, the real damage begins.

Security researchers explained that NotDoor can do many harmful things once activated. It can steal sensitive data, upload files, and even run harmful commands on the victim’s computer. This means hackers could use it to spy, steal information, or take over systems without being detected.

How Outlook Became a Weapon for Hackers

Microsoft Outlook is an everyday tool in offices, schools, and organizations. Because it is so trusted and widely used, many people do not expect it to be a danger. That is exactly why attackers are now using it as a weapon.

With NotDoor, hackers have turned Outlook into a hidden doorway into private systems. The malware uses trigger words to remain invisible. When a malicious email arrives, the code inside Outlook activates, but the email deletes itself immediately. This means the victim never sees anything suspicious in their inbox.

How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?

After activation, the malware quietly sends data out of the system. It can also download files or carry out instructions given by the attacker. This gives hackers total control, while the victim continues to use Outlook as if nothing is wrong.

What makes NotDoor so dangerous is that it bypasses traditional security measures. Many companies use email filters and antivirus programs to block suspicious messages. But because Outlook itself is trusted, these defenses are often not enough. The malware blends in, making detection very difficult.

A Growing Threat Across Many Industries

Investigations show that NotDoor has already affected companies in multiple industries across NATO countries. The attacks are not limited to one type of business. Instead, they spread across different sectors, showing that the group behind NotDoor is casting a wide net.

Security teams say this is part of an ongoing evolution of APT28. The group has a long history of creating new malware tools and adapting quickly when defenses improve. NotDoor is one more example of how they can develop fresh techniques to break into protected systems.

Bridgestone Hit by Suspicious Cyberattack as Operations Disrupted in US and Canada

The discovery of NotDoor also highlights a major concern for everyday users and businesses alike. Applications that people trust the most can be turned into tools for cyberattacks. Outlook, once seen only as a reliable work program, is now being used to steal data and control systems from the inside.

Experts stress that this kind of attack is not about exploiting a single bug or weakness. Instead, it shows how attackers are finding ways to weaponize trusted applications. This means organizations must think beyond simple fixes and consider stronger, layered defenses to protect against threats like NotDoor.

The case of NotDoor proves how far cyberattacks have advanced. By using email programs in clever ways, attackers are now able to stay hidden while carrying out serious damage. And since Outlook is used everywhere, the impact of such malware can be extremely widespread.