Source:- http://goarticles.com/article/Sophos-Warns-Users-About-the-Return-of-Malicious-VBA-Macros/9160963/
The leading digital data security solutions vendor, Sophos is warning the users against the return of the malicious VBA macros that were active until year 2000. For those who don't know what malicious VBA macros are; well, they are a malware variant, most notably viruses that were capable of spreading themselves. In late 1990s, these VBA macro viruses used MS Word and MS Excel files to spread and then took control of the functions of MS Office. Once infecting the application, the VBA macro viruses then covertly operated at the background and amended a copy of it to all the documents that a user edited, thereafter.
These VBA macro viruses were active until 2000 and after this period they went dormant. But, the news is out that they are back again. The Sophos labs threat researcher Gabor Szappanos (also kwon as "Szappi") has recently discovered the new variants of the macro viruses.
"In the past five years, macro viruses (and more generally, macro malware) could be considered practically extinct - thanks mostly to the security improvements that were introduced over that period of time to their main target, the Microsoft Office products," said Szappi.
According to Szappi, the attack starts with attaching the virus infected Word file with a bogus email. The attackers are using the social engineering techniques to fool users. An example would be an email impersonating as a legitimate bank email. A gullible user simply opens the malicious word attachment file. However since the newer version of MS Office blocks the automatic execution of the malicious macros, so an alert is displayed in the Word menu bar, which warns about the disabled macros. But the criminals are already prepared for this situation. In order to fool users and to make them enable the blocked macro they have used simple social engineering trick. The malicious word file contains a blurred account statement, and an explanation is given that the statement is blurred for security reasons. In order to view the statement, the victim has to enable the blocked macro. Enabling the macro simply makes the virus effective.
Szappi has revealed that more than half of the recent documents based attacks intercepted by Sophos labs, contained VBA macros.
Szappi further added, "When the aim is to infect a large number of users, good old social engineering never fails to deliver the results,"
"Finally, a piece of advice: there is no justification as to why the content of a document can only be displayed properly if the execution of macros is enabled. If you receive a document with this advice, be aware: you are probably being attacked."
Installing comprehensive security solutions like the products of Sophos is one way to stay protected. The Sophos Antivirus can effectively scan-detect the VBA macros and other viruses/malware. It offers handy powerful tools to make the system clean of the viruses and malware. Additionally, the Sophos tech support is also available 24/7 and can be availed anytime.
All in all, the bottom-line is, now, there exists the most number of malware and viruses that ever did in the past. Each single day thousands of new-active malware variants are discovered. Plus to add more to the worse situation, the age-old viruses and attacks are also returning back. Users can't hide from this situation. However, they can take necessary preventive measures to stay protected. Using comprehensive antivirus solutions and staying updated with latest data security trends are two necessary preventive measures. Plus staying in contact with reliable support sources like Techcillin and availing their effective support like AVG support, Fortinet tech support, or Antivirus support etc., when needed is also pretty helpful.
The leading digital data security solutions vendor, Sophos is warning the users against the return of the malicious VBA macros that were active until year 2000. For those who don't know what malicious VBA macros are; well, they are a malware variant, most notably viruses that were capable of spreading themselves. In late 1990s, these VBA macro viruses used MS Word and MS Excel files to spread and then took control of the functions of MS Office. Once infecting the application, the VBA macro viruses then covertly operated at the background and amended a copy of it to all the documents that a user edited, thereafter.
These VBA macro viruses were active until 2000 and after this period they went dormant. But, the news is out that they are back again. The Sophos labs threat researcher Gabor Szappanos (also kwon as "Szappi") has recently discovered the new variants of the macro viruses.
"In the past five years, macro viruses (and more generally, macro malware) could be considered practically extinct - thanks mostly to the security improvements that were introduced over that period of time to their main target, the Microsoft Office products," said Szappi.
According to Szappi, the attack starts with attaching the virus infected Word file with a bogus email. The attackers are using the social engineering techniques to fool users. An example would be an email impersonating as a legitimate bank email. A gullible user simply opens the malicious word attachment file. However since the newer version of MS Office blocks the automatic execution of the malicious macros, so an alert is displayed in the Word menu bar, which warns about the disabled macros. But the criminals are already prepared for this situation. In order to fool users and to make them enable the blocked macro they have used simple social engineering trick. The malicious word file contains a blurred account statement, and an explanation is given that the statement is blurred for security reasons. In order to view the statement, the victim has to enable the blocked macro. Enabling the macro simply makes the virus effective.
Szappi has revealed that more than half of the recent documents based attacks intercepted by Sophos labs, contained VBA macros.
Szappi further added, "When the aim is to infect a large number of users, good old social engineering never fails to deliver the results,"
"Finally, a piece of advice: there is no justification as to why the content of a document can only be displayed properly if the execution of macros is enabled. If you receive a document with this advice, be aware: you are probably being attacked."
Installing comprehensive security solutions like the products of Sophos is one way to stay protected. The Sophos Antivirus can effectively scan-detect the VBA macros and other viruses/malware. It offers handy powerful tools to make the system clean of the viruses and malware. Additionally, the Sophos tech support is also available 24/7 and can be availed anytime.
All in all, the bottom-line is, now, there exists the most number of malware and viruses that ever did in the past. Each single day thousands of new-active malware variants are discovered. Plus to add more to the worse situation, the age-old viruses and attacks are also returning back. Users can't hide from this situation. However, they can take necessary preventive measures to stay protected. Using comprehensive antivirus solutions and staying updated with latest data security trends are two necessary preventive measures. Plus staying in contact with reliable support sources like Techcillin and availing their effective support like AVG support, Fortinet tech support, or Antivirus support etc., when needed is also pretty helpful.
No comments:
Post a Comment