A macro attack is a case of malicious code injection, script-based attack which comes as a macro instruction inside a seemingly safe file. Hackers perform these attacks by embedding a malware download script (most often) into documents that support macros. The malicious application of macros it is based on the human vulnerability of ignorance and carelessness . There are several characteristics of macro attacks that make them particularly dangerous. However, there are also effective solutions to prevent such attacks.
Macros are commands used in many applications to automate routine processes and significantly expand the range of use of the program.
There are many functions you can perform on data in Excel. By creating and running a macro, you can list a series of commands to describe a frequently repeated procedure and perform them effortlessly, saving a lot of time. Macros allow you to direct external resources to analyze data from other files on your computer or even network access to download items from remote servers.
Macro Virus
?The simplest way to conduct a macro attack is to embed a download script in a harmless-looking file. Modern hacking prefers steal information from you to sell them, encrypt your data for extort a ransom o leverage your endpoint in other ways to their advantage. All these scenarios involve the injection of foreign software into the system. And macros are great at this.
Macro attacks are a nuisance for security teams, as they possess certain properties that make them difficult to track and difficult to prevent from spreading.
Macro attacks exploit perhaps the most dangerous vulnerability in cybersecurity: a human user. Lack of computer literacy and inattention make users a easy target for hackers and allow criminals to expect user execution of their malicious package. Criminals have to trick users twice : first to make them download a file with the macros and then to convince them to allow the macros to run. There are various tricks that hackers can resort to, but they are mostly the same as most phishing and malware spreading campaigns.
If you want to run macros in current versions of Excel, you need to save the Excel file as a macro-enabled workbook. Excel recognizes macro-enabled workbooks by the .xlsm file extension (rather than the usual .xlsx extension).
Therefore, if you add a macro to a standard Excel workbook and want to be able to run this macro every time you access the workbook, you will need to save it with the .xlsm extension.
To do this, select Save As from the “File” tab of the Excel ribbon. Excel will then display the “Save As” screen or the “Save As” dialog box.
Set the file type to “Excel Macro-Enabled Workbook” and then click the button Save .
The different Excel file extensions make it clear when a workbook contains macros, so this in itself is a useful security measure. However, Excel also provides optional macro security settings, which can be controlled via the options menu.
The four macro security settings:
If you choose the second setting, “Disable all macros with notification“, when you open a workbook that contains macros, you are given an option to allow the macros to run. This option is presented to you in a yellow band at the top of the spreadsheet, as shown below:
Therefore, you only need to click this button if you want to allow macros to run.
If you want to view or change the Excel macro security setting in earlier versions of Excel:
Note: When you change the Excel macro security setting, you will need to close and restart Excel for the new setting to take effect.
Current versions of Excel allow you to definish trusted locations, i.e. folders on your computer that Excel “trusts”. Therefore, Excel omits the usual macro checks when opening files stored in these locations. This means that if an Excel file is placed in a trusted location, macros in this file will be enabled, regardless of the macro security setting.
Microsoft has defined some reliable routes beforedefinites, listed in the option setting Trusted routes in your Excel workbook. You can access it via the following steps:
If you wish definish your trusted location, you can do it as follows:
Attention: We don't recommend placing large parts of the drive, such as the entire “My Documents” folder, in a trusted location, as this puts you at risk of accidentally allowing macros from untrusted sources.
Ercole Palmeri
Developing fine motor skills through coloring prepares children for more complex skills like writing. To color…
The naval sector is a true global economic power, which has navigated towards a 150 billion market...
Last Monday, the Financial Times announced a deal with OpenAI. FT licenses its world-class journalism…
Millions of people pay for streaming services, paying monthly subscription fees. It is common opinion that you…