Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Macro Malware Reappears

The term 'Macros' is referred to instructions that computer applications issue, prominently as Microsoft Word issues and uses macros for obtaining some specific result. Previously when Word ran macros it used to be from the very start of the software devoid of getting the user's consent. Naturally, cyber-criminals enjoyed the opportunity of running malware instantly following its download. However, with time, Microsoft doused this activity, while now running macros requires user consent.

It took 16-yrs for macro malware to return and yet again capturing particular interest of security professionals that has affected 100,000-and-more people from its reappearance previously in 2015, says Intel Security. Scmagazine.com reported this, December 16, 2015.

Malicious software that utilizes macros contained within Excel and Word applications of Windows Office was at its peak of proliferation during 1999 whilst first noticed and being named virus Melissa.

If macros are enabled on a user's computer, with warnings from the application ignored the result maybe an easy execution of the associated malware once the Word/Excel document is downloaded. So when the macro malicious software is run, it would plant different files like .ps, .vbs or .bat on the victim's machine that represent the malware groups - Donoff, Dridex or Bartallex respectively. These different files planted then pull down further malware (Vawtrak, Upatre, ZBot or Chanitor).

Indeed, during the past 12-months, macro malware has surged. The illegitimate web-portals provide many tools with which anyone can craft attachments containing macro malware which has further induced the surge.

Macro malware of the most recent form is spread with many new twists, most importantly; phishing scams that rely on social engineering, with the objective of targeting corporate employees that frequently use Office application.

The change most prominently today within macro malware has been to make itself concealed on the infected PC. Techniques like complicated encrypted strings and junk code are now employed for creating macro malware that serve to masquerade as staff members providing security at the victim organization.

However, to minimize vulnerability to macro malware assaults Microsoft suggests organizations for selecting the 'high' option in their macro settings; educating employees regarding e-mail security methods; while maintaining applications up-to-date.

ยป SPAMfighter News - 12/22/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page