After having “rediscovered” the usefulness of MS Office macros, malware peddlers have been ramping up email spam runs delivering documents that request users to enable them.
Those that do open the door for macro-based Trojans droppers and, consequently, other malware.
The Upatre downloader is still the most popular way to deliver malware – usually the Zeus info-stealer or, more recently, crypto-ransomware – but macro-based malware is slowly gaining traction:
“Spam with macro-based malware typically make use of social engineering lures like remittance and invoice notifications, emails related to tax and payment slips, payment confirmation, purchase orders, etc.”
Leave a reply
