Visual Basic Applications malware is making a resurgence as malware developers evolve it, Gabo Szappanos, a researcher with Sophos Labs, said revealing details of a white paper published in Virus Bulletin on Tuesday.
Noting that macro viruses had become nearly extinct over the past five years, due in large part to Microsoft boosting security in its Office suite to prevent self-replicating viruses from spreading, Szappanos explained that malicious VBA macros have reappeared over the last couple of months as “simple downloader trojan codes.”
“In the past couple of months, we have observed the resurgence of malicious VBA macros — this time, not self-replicating viruses, but simple downloader Trojan codes,” explains Szappanos.
Using “simple social engineering tricks,” the malware authors have prepared document contents to “lure the recipient into enabling the execution of macros, and thus open the door for infection.”