Tag: macro
-
Paper: The Journey of Evasion Enters Behavioural Phase
Anti-detection techniques are almost as old as malware itself and have developed well beyond hash busting techniques. As security products adapt their detection tools, malware authors need to find new ways to prevent their malware from being blocked while it is running. In a new paper (also available as PDF ) published today by Virus…
-
Paper: The Journey of Evasion Enters Behavioural Phase
Anti-detection techniques are almost as old as malware itself and have developed well beyond hash busting techniques. As security products adapt their detection tools, malware authors need to find new ways to prevent their malware from being blocked while it is running. In a new paper (also available as PDF ) published today by Virus…
-
Malware likely cause of power cut in Ukraine
BlackEnergy malware previously linked to targeted attacks in the country. When in late December hundreds of thousands of homes in Western Ukraine suffered power outages, many people talked about the possibility of the interruption in power having been caused by a cyber-attack. But people always talk about cyber-attacks — the truth is almost always a…
-
Paper: MWI-5: Operation HawkEye
Gabor Szappanos looks at how macro malware campaigns spread a commercial keylogger to harvest banking details. Macro malware was a plague in the late 1990s, when Microsoft Office executed macros by default, making the writing of computer viruses literally child’s play. Macro execution has long been disabled by default, but in the last two years,…
-
Vawtrak trojan spread through malicious Office macros
Users easily tricked, but plenty of opportunity for the malware to be blocked. Researchers at Trend Micro report that the ‘Vawtrak’ banking trojan now also spreads through Office macros, embedded in documents that are attached to spam emails. Vawtrak rose to prominence late last year, when it broadened its scope from targeting Japanese banking users…
-
Macro malware on the rise again
Users taught that having to enable enhanced security features is no big deal. When I joined Virus Bulletin almost eight years ago, macro viruses were already a thing of the past, like porn diallers or viruses that did funny things to the characters on your screen: threats that were once a real problem, but that…
-
Paper: VBA is not dead!
Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate. Macro malware had long been assumed dead. After all, macros are disabled by default in modern versions of Microsoft Office , which means they do not automatically execute upon opening a file. However, macro malware has recently made a…