Pierluigi Paganini July 28, 2022
Threat actors use new attack techniques after Microsoft blocked macros by default

Threat actors are devising new attack tactics in response to Microsoft’s decision to block Macros by default. In response to Microsoft’s decision steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default in Microsoft Office applications, threat actors are adopting new attack techniques. Researchers from Proofpoint reported that […]

Pierluigi Paganini April 27, 2018
Rubella Macro Builder Crimeware Kit gains popularity on cybercrime underground

A new crimeware kit dubbed the Rubella Macro Builder is rapidly gaining popularity in the cybercriminal underground, experts already spotted its malware in the wild. A new crimeware kit dubbed the Rubella Macro Builder is rapidly gaining popularity in the cybercriminal underground. The Rubella Macro Builder allows crooks to generate a malicious payload for social-engineering […]

Pierluigi Paganini October 20, 2017
URSNIF spam campaign expose new macro evasion tactics

Trend Micro recently observed a new campaign leveraging the Ursnif banking Trojan using new malicious macro tactics payload delivery and evade detection. Researchers at Trend Micro have recently spotted a new campaign leveraging the Ursnif banking Trojan featuring new malicious macro tactics for payload delivery. Malicious macros are widely adopted by crooks for malware distribution, usually, they […]

Pierluigi Paganini November 28, 2016
Two versions of the new Cerber 5.0 ransomware released in a few days

Security experts from the CheckPoint firm discovered two different variants of the new Cerber 5.0 ransomware in a few weeks. Security experts have spotted a new variant of the dreaded Cerber ransomware, the Cerber 5.0. This is the third version of the malware released this week that is able to encrypt files on all accessible network […]

Pierluigi Paganini June 28, 2016
Microsoft Office 365 targeted with massive Cerber ransomware 0-day campaign

Cloud security provider Avanan discovered a number of Cerber Ransomware variants targeting corporate Office 365 users with malicious emails. Cloud security provider Avanan spotted a number of Cerber Ransomware variants that are targeting corporate Office 365 users with spam or phishing emails leveraging on malicious file attachments. Threat actors sent an Office document that embedded malicious macros to download […]

Pierluigi Paganini May 22, 2016
Microsoft warns of malicious macros using a new sneaky trick

Researchers at the Microsoft’s Malware Protection Center are warning of a new wave of attacks leveraging malicious macros using a new sneaky trick. Researchers at Microsoft’s Malware Protection Center are warning of a new technique attackers are using to allow macro malware elude detection solutions. The experts first spotted the technique while analyzing a file […]

Pierluigi Paganini August 11, 2015
VBE files on the rise in Brazil leading to Financial Fraud

Security experts at Kaspersky Lab recently observed a big wave of malicious VBE files targeting Brazilian users to distribute Financial Trojan. Recently security experts have seen old tricks rising from the dead (like for example word/excel macros attachment in e-mails) and malicious VBE files are being spread via email targeting Brazilian users. These VBE files […]

Pierluigi Paganini April 30, 2015
Macros based malware on the rise (Once Again)

Microsoft is observing a major spike in the volume of malware using macros since the beginning of the year. The infection method was very common in the past I remember when I was starting my career, around 2006 that a lot of the existent malware would arrive to their victims trough Word/Excel macros, and that […]

Pierluigi Paganini March 09, 2015
Spam campaign spreads Dridex Trojan via Macros in XML Files

Experts at Trustwave have discovered a spam campaign composed of several hundred messages trying to serve Dridex trojan though xml documents. Early 2015 security experts discovered a variant of banking malware dubbed Dridex that was spread through a phishing campaign using Microsoft Excel documents embedding malicious macro to infect victims’ machines. The Dridex malware implements features […]