Hackers Using Macro-Based Malware to Breach Business Networks
By Todd Weller, VP, Corporate Development, Hexis Cyber Solutions
Trends and fads move in cycles: things that were once popular fade into obscurity and may
later make a roaring comeback. Synth-heavy pop music, 1970s-style jumpsuits and facial hair
on men are all in fashion again today, after spending considerable time as relics of a time gone
by. Unfortunately, the same forces are at play in the world of cybercrime, as hackers bring back
the once-popular macro-based malware.
According to a blog post from Microsoft, the number of reported malware incidents
plummeted after the company made "Disable all macros" the default setting on its Microsoft
Office software. But the macro is making a comeback today, thanks to new forms of social
engineering and phishing emails.
Malicious macros are back and more convincing than ever
Microsoft explained that disabling macros by default in its products is no longer sufficient to
protect users from malware. The problem is that hackers have made their phishing emails so
convincing that they can trick users into manually enabling macros in their Office
suites.
Two of the most popular resurgent Trojans that hackers are using are called Adnel and Tarbir.
These are being spread through spam email campaigns that target both home and enterprise
users all over the world, though the infections seem to be more concentrated in the U.S. and
U.K.
Security researchers at Microsoft found that both types of malware are being embedded within
phishing emails with titles like "Invoice as requested," or "Payment Details." Attached to the
emails are Word documents claiming to have information for the reader, and the emails
Cyber Warnings E-Magazine – May 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
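A defensive check for the delivery method described in this article, added here as an example and not taken from the article or from Microsoft: it parses a mail message and flags Word attachments whose package contains a VBA project, judging by file content rather than by extension. The sample message, addresses, file names and function names are constructed for this example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container signature

def classify_attachment(data: bytes) -> str:
    """Return 'ooxml-macro', 'ooxml-clean', 'ole-legacy' or 'other'."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary files can hold macros; confirming needs an OLE parser.
        return "ole-legacy"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "other"
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = [n.lower() for n in z.namelist()]
    if "[content_types].xml" not in names:
        return "other"  # a zip archive, but not an Office Open XML package
    # In Office Open XML files the VBA project is a vbaProject.bin part.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "ooxml-macro"
    return "ooxml-clean"

def triage(raw: bytes) -> list[tuple[str, str]]:
    """Return (filename, verdict) for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(part.get_filename() or "",
             classify_attachment(part.get_payload(decode=True) or b""))
            for part in msg.iter_attachments()]

def _package(parts):
    # Constructed stand-in for an Office file: right part names, dummy content.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name in parts:
            z.writestr(name, b"constructed placeholder")
    return buf.getvalue()

def sample_message() -> bytes:
    """Constructed message using one of the subject lines quoted in the article."""
    m = EmailMessage()
    m["Subject"] = "Invoice as requested"
    m["From"], m["To"] = "sender@example.com", "user@example.com"
    m.set_content("See attached.")
    base = ["[Content_Types].xml", "word/document.xml"]
    kw = dict(maintype="application", subtype="octet-stream")
    m.add_attachment(_package(base + ["word/vbaProject.bin"]), filename="invoice.doc", **kw)
    m.add_attachment(_package(base), filename="notes.docx", **kw)
    return m.as_bytes()
```

A mail gateway or triage script could quarantine or strip any attachment that returns `ooxml-macro` and route `ole-legacy` files to deeper inspection.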