Tag: vba
-
New article: Run your malicious VBA macros anywhere!
Office documents have over many decades been used to launch malware, often through macros, embedded content or exploits. Researcher Kurt Natvig wanted to understand whether it’s possible to recompile VBA macros to another language, which could then easily be ‘run’ on any gateway, thus revealing a sample’s true nature in a safe manner. In a…
-
New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros
Ever since their return more than four years ago, initially in targeted attacks and later in large-scale malware campaigns, Office macros have been one of the most prominent ways to spread malware. Today, we publish a research paper by Aditya K. Sood and Rohit Bansal of SecNiche Security , in which they analyse a malware…
-
New paper: Powering the distribution of Tesla stealer with PowerShell and VBA macros
Ever since their return more than four years ago, initially in targeted attacks and later in large-scale malware campaigns, Office macros have been one of the most prominent ways to spread malware. Today, we publish a research paper by Aditya K. Sood and Rohit Bansal of SecNiche Security , in which they analyse a malware…
-
Macro malware on the rise again
Users taught that having to enable enhanced security features is no big deal. When I joined Virus Bulletin almost eight years ago, macro viruses were already a thing of the past, like porn diallers or viruses that did funny things to the characters on your screen: threats that were once a real problem, but that…
-
Paper: VBA is not dead!
Gabor Szappanos looks at the resurgence of malicious VBA macros that use social engineering to activate. Macro malware had long been assumed dead. After all, macros are disabled by default in modern versions of Microsoft Office , which means they do not automatically execute upon opening a file. However, macro malware has recently made a…