Malwarebytes researchers have spotted an increase in the number of malicious VBScripts (Visual Basic Scripting Edition) files that use obfuscation methods in the wild.

One of the malicious files was named TEMPcoral.vbs and was found on systems that were heavily infected with Trojan.Droppers and Trojan.Clickers, according to a Feb. 29 blog post.

Researchers also spotted a malicious VBScript that was actually a Banker.Trojan downloader and another one that overwrites all vbs files on a system with copies of itself and tries to steal Bitcoin keys.

Users can become infected through drive-by downloads, malvertising attacks and various methods that infect Word and Excel documents, the post stated.

Researchers recommend users don't run scripts unless they need to, consider disabling Windows Script Host, and not enable macros unless they can trust it and actually need to do so to use the document at hand.