Thursday , 20 September 2018
Home >> S >> Security >> Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation

Office as a malware delivery platform: DDE, Scriptlets, Macro obfuscation

I, for one, thought that Office-based malware reached its zenith in the late 1990s, with the likes of Melissa. Sure, we’ve seen macro-based pain-in-the-neckware over the past two decades, including some macro malware that specifically attacks Macs, but by and large, Word, Excel and, to a lesser degree, PowerPoint now throw warning dialogs into the middle of just about any attack. Those with malevolent intent have moved on to greener fields.

Or have they?

Some clever researchers have found new and unexpected ways to get Word, Excel and PowerPoint documents to deliver all sorts of malware — ransomware, snoopers, even a newly discovered credential stealer that specializes in gathering usernames and passwords.

In many cases, these new uses employ methods as old as the hills. But the old warning signs don’t work as well as they once did: Confronted with a challenge like the one in the screenshot, many folks, nowadays, wouldn’t hesitate to click Yes.

close
==[ Click Here 1X ] [ Close ]==