Word and Excel Macro Viruses Are Back

Scripts written in BASIC or Visual Basic can add automation and other functions to documents created in the Microsoft Office productivity suite. Unfortunately, cyber-attackers can use this feature to deliver malware in otherwise innocuous-looking documents that most people would open without a second thought.

The macro virus goes back to 1995; the most infamous was the Melissa email macro virus, which caused $80 million in damages to US businesses in 1999. Anti-malware tools were updated to bring this under control, and Microsoft released patches to Windows and the Office suite to correct some of the security flaws that allowed this problem to occur. And so the macro virus faded into history.

This threat lay dormant for nearly 20 years, but over the last year it has returned. There are a couple of good articles on Sophos and one on Kaspersky (see links that follow) if you want more of the technical details. These exploits will show up in your email as an attached Word, Excel, PowerPoint, or perhaps even a web document or PDF. Look for file attachments ending in .doc, .docx, .xls, .xlsx, .ppt, .pptx, .mhtml, .pdf.

As we have advised before, checking attachments in VirusTotal will be your best protection. It never hurts to confirm the purpose and contents of an email attachment with the sender, but instead of hitting reply and sending your query back to the attacker, open a new email from your contact list or make a phone call to the apparent sender. Many times when I have done this, the person has not sent anything and the bullet in the inbox was dodged. Accepting unsolicited attachments from unknown senders is just a bad idea at all times.
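As an added example (not part of the original post), here is one way to triage a saved attachment before opening it: identify the container from the file's content rather than its name, look for an embedded VBA project in the ZIP-based Office formats, and compute the SHA-256 to search on VirusTotal. The function names and sample files are constructed for illustration.

```python
import hashlib
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                      # .docx/.xlsx/.pptx (OOXML) container


def triage_attachment(name: str, data: bytes) -> dict:
    """Classify an attachment by its bytes, not by the extension in its name."""
    report = {
        "name": name,
        "sha256": hashlib.sha256(data).hexdigest(),  # value to search on VirusTotal
        "container": "other",
        "vba_parts": [],
        "verdict": "not an Office container; check the hash before opening",
    }
    if data.startswith(OLE_MAGIC):
        report["container"] = "ole"
        # Legacy binary formats can embed macros; confirming needs a full OLE parser.
        report["verdict"] = "legacy Office format: may hold macros, scan before opening"
    elif data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            report["verdict"] = "corrupt ZIP container: do not open"
            return report
        if "[Content_Types].xml" in names:  # part present in every OOXML package
            report["container"] = "ooxml"
            report["vba_parts"] = [n for n in names if n.lower().endswith("vbaproject.bin")]
            report["verdict"] = ("contains a VBA macro project: treat as suspicious"
                                 if report["vba_parts"]
                                 else "no VBA project found; still check the hash")
    return report


def sample_ooxml(with_macro: bool) -> bytes:
    """Build a constructed, non-functional OOXML-shaped ZIP for the demo."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder, not real VBA")
    return buf.getvalue()


if __name__ == "__main__":
    for fname, blob in [("invoice.docx", sample_ooxml(True)), ("notes.docx", sample_ooxml(False))]:
        print(triage_attachment(fname, blob))
```

A "no VBA project found" result only rules out one delivery method, so the hash lookup and the check with the sender still apply.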

So watch your inbox and treat all attachments with suspicion, and you should be able to avoid this returning threat.


More Information:


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.
