June 7, 2023

Once Microsoft blocked the Office Macro for VBA and XLM or XL4, ransomware actors quickly switched tactics to adapt to the new changes.

Researchers says that Microsoft’s solution to bar hackers from hacking the XL4 and VBA macros had gone a long way declining to 66% in last 9 months.

The hackers who have previously exploited the office macros are now shifting tactics for a new attack route. They have been relying on controlling RAR and ISO files to infect systems with malware. Even the LNK files are reportedly involved in their latest campaign.

Advertisements

Threat actors have been devising their plans to pivot away from the usual campaign through VBA macros. They continue to experiment further to see what email-based malware campaign will effectively spread the virus and bypass the victim’s MOTW (Mark of the Web) protection.

Experts have discovered about a 175% increase in the incidents of exploitations related to LNK, RAR, and ISO usage.

Tags:

Leave a Reply

You may have missed

Microsoft to comply with LinkedIn GDPR Violation

Microsoft to comply with LinkedIn GDPR Violation

June 7, 2023
Google Fixes Third Chrome Zeroday

Google Fixes Third Chrome Zeroday

June 6, 2023
Moveit Attributed to Lace Tempest

Moveit Attributed to Lace Tempest

June 6, 2023
Byte Code Bites PYPI

Byte Code Bites PYPI

June 5, 2023
Enzo Biochem Suffers a Data Breach

Enzo Biochem Suffers a Data Breach

June 5, 2023
BlackSuit Ransomware Dissection

BlackSuit Ransomware Dissection

June 4, 2023
%d bloggers like this: