Aug 1, 2016Industry insights,
A new wave of macro-viruses
With a reinvented wave of viruses, this strain uses a simple download mechanism and mimics the Word macro virus from the 1990s, invading the users’ systems with a particularly nasty payload.
Microsoft explained that the main issue involves the combination of social engineering and malicious macros.
To avoid the increasing costs of exploitation, hackers are using social engineering and tricking a user into running a malicious file or malware.
This specific virus’ payload changes the user’s browser Proxy Server setting, which could result in the theft of authentication credentials or other sensitive information. This new resurgence comes hot on the heels of a massive increase in the prevalence of so-called Ransom-ware viruses like Cryptolocker and its’ variants over the course of the last eighteen months. A few years ago it was easy to sit back and rely on the statistical unlikeliness of one specific business being affected as being sufficient protection, nothing could be further from the truth these days however.
Although these viruses are clearly a threat, with the right precautions we know that more businesses can remain protected. As this virus is reaching end users through an email attachment, the best protection method in this instance is to circulate awareness of the threat internally, making sure each staff member knows what to look out for and only interacts with messages from senders that they know and trust. Education of users as to the perils of viruses through vectors that users themselves can control is by far the most effective form of defence.
For added defence, you can reduce the risk from this particular threat by adjusting the registry settings to help prevent object linking and embedding from executing altogether or running without your permission.
At RockIT we understand how critical IT Security is to a business. We’ve seen first-hand the unprecedented damage that can be caused by an innocent download, therefore we use sophisticated firewalls and cloud-based email protection that can scan and remove the malware and viruses before they reach the end user, giving you the peace of mind that your data and business are protected.