Microsoft Office macros, which can automate tasks and speed up user efficiency, were once a popular tool for infecting computers with viruses, but as people became aware of how they worked and disabled their macro functions, hackers started using them less. Now Panda Security is noticing a comeback of macro-virus attack attempts, this time on Apple Macs.
Because macros can automate tasks across the MS office suite, they give you – or your hacker – a lot of control over your system. So, when malicious code is embedded into a macro linked to a specific word document or spreadsheet, a hacker can ensure the malware will execute as soon as that infected file is opened.
It usually begins with an attachment in a phishing email, which the user mistakenly clicks on and starts the virus embedding process. The virus then runs on the application linked to the file rather than on the operating system, which is why macro-viruses can infect both Apple and Windows computers.
A classic example of a macro-virus is the Melissa Virus from ’99 that arrived embedded in an email. When a user opened the email, the virus immediately sent itself to the 50 first contacts in the user’s contact sheet. This meant the virus replicated itself at extraordinary speed and caused considerable network traffic.
Ways of detecting a macro-virus:
- Your computer runs slower than normal
- You’re asked for passwords on files not usually requiring them
- Your documents save as ‘template’ files
- You see strange error messages
Thankfully, if your system does have a macro-virus you can manually remove it from within Word or Excel. You’ll find instructions online for your particular setup, whether PC or Mac, and which version of Word/Excel you use.
Although Apple Macs aren’t normally affected by Office macro-viruses, a security researcher has found a vulnerability that allows a malicious macro to make a “back-door entry” and compromise the system in ways such as stealing data. However, by installing the latest updates for Office 365 or Mac OS Catalina, the attempt will fail and no malware will be installed.
Apple users shouldn’t be complacent about their computer protection, and can avoid a macro-virus attack by disabling macros and keeping on top of software updates.
The way to protect a PC and Mac system further, is to install strong antivirus and anti-malware software with endpoint protection all in one. With this kind of a solution, all known and unknown strains of malware and ransomware will be detected and removed before they can do any harm.
Time to up your cyber security game. Take a 14-day trial in Mac or PC protection.
