Hackers, months ago, revived macros as an attack vector to primarily hide banking malware spread by spam campaigns.
Not be left out, some targeted attacks kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targeted campaign, researchers at Cisco said, was using AutoIt to drop malware on compromised machines. AutoIt is freeware that allows Windows administrators to write scripts that automate tasks.
The use of macros by hackers is mitigated by the fact they’ve been disabled by default since the release of Office 2007. But Cisco researchers said the language and spoofed senders in the phishing emails accompanying the targeted attacks could be enough to convince a potential victim to enable macros and execute the attack.
AutoIt Used in Targeted Attacks to Move RATs
Not be left out, some targeted attacks kicked off by convincing phishing emails, have been moving a few remote access Trojans and other malware via Word docs. One particular targeted campaign, researchers at Cisco said, was using AutoIt to drop malware on compromised machines. AutoIt is freeware that allows Windows administrators to write scripts that automate tasks.
The use of macros by hackers is mitigated by the fact they’ve been disabled by default since the release of Office 2007. But Cisco researchers said the language and spoofed senders in the phishing emails accompanying the targeted attacks could be enough to convince a potential victim to enable macros and execute the attack.
AutoIt Used in Targeted Attacks to Move RATs
