The comeback was 16 years in the making, but macro malware is once again on security professional’s radar in a big way impacting at least 100,000 people since it began its resurgence earlier this year, according to Intel Security.
The malware, which uses the macros found in Windows Office products like Word and Excel, saw its heyday in 1999 when it was first observed and known as the Melissa virus. Some good work by Microsoft at the time, that included added a permissions step for Office documents users, helped curtail the issue, but now it is again on the rise.
“Certainly over the last 12 months we have witnessed a spike. In underground forums there are multitudes of tools that allow people to create malicious macro malware attachments that has also fed the spike,” Raj Samani, vice president and CTO of Intel Security, told SCMagazine.com in an email Wednesday.
Fellow Intel Security executive Vincent Weafer, senior vice president, Intel Security, wrote in an Intel Security Perspectives blog that the number of incidents of macro malware is up fourfold this year, adding that just as in 1999, Office documents are still the preferred targets. The latest incarnation includes several new twists to spread the malware, including using socially-engineered phishing campaigns to target corporate workers, where Office is most often used. Previously, the email attack was much less sophisticated.