Presentation is loading. Please wait.

Presentation is loading. Please wait.

Macros and malware spooky.

Published byAnne Anthony Modified over 6 years ago

Similar presentations

Presentation on theme: "Macros and malware spooky."— Presentation transcript:

1 Macros and malware spooky

2 whoami Niall Watson @Nige0x 4th year VP Slight alcoholic Malware
Hater of big words

3 Macros Small programs within Office documents
Used to automate repetitive tasks in office documents Can save you a lot of time Written in Visual Basic for Applications(VBA) Can use them maliciously

4 Macros as an infection vector
Malware needs a way to infect a system Usual ways: USB Dodgy programs Macros now

5 Who uses these?

6 Who uses this method? Russian dudes Nation States Malware authors
Dridex Cryptolocker Powersniff TeslaCrypt List goes on...

7 No point wasting exploits when you can use an MS office document
Who would this target? Attack doesn't need to be complex Perfect to use against office workers Political activists Ukrainian power grid BlackEnergy No point wasting exploits when you can use an MS office document

8 How do they use them maliciously?
Create a nice pretty document Nice pretty name, with made up data Code some malicious macros Send it to a bunch of users Hope some dumbass opens it

9 What happened? So the clever user has opened our nice document
Clicked on enable content Voila they can see our nice employee wages. Oh no

10

11 Demo

12 Mitigations Turn off macros. Don't open unknown office docs
Run through sandbox

13 Questions?

Download ppt "Macros and malware spooky."

Similar presentations

Introduction to Macro Introduction to Visual Basic for Application Recording a Macro Looking at the code of Recorded Macro.

Introduction to Macro Introduction to Visual Basic for Application Recording a Macro Looking at the code of Recorded Macro.
The Design Cycle Can you remember the order of the five steps? Use this simple game to find out! Click here to start Design Cycle Game by Steve Graham.

The Design Cycle Can you remember the order of the five steps? Use this simple game to find out! Click here to start Design Cycle Game by Steve Graham.
Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely P J Human Resources Pte Ltd presents:

Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely P J Human Resources Pte Ltd presents:
Tutorial 8: Developing an Excel Application

Tutorial 8: Developing an Excel Application
Save time with templates Create your own templates Say you often use a certain invoice whose basic content stays the same except for certain details that.

Save time with templates Create your own templates Say you often use a certain invoice whose basic content stays the same except for certain details that.
Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.

Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.
Computer Viruses.

Computer Viruses.
VME2000 USB Token. The USB Token is a hardware device that plugs into a USB port (or a USB cable) on a laptop or PC. It can be used instead of a pass.

VME2000 USB Token. The USB Token is a hardware device that plugs into a USB port (or a USB cable) on a laptop or PC. It can be used instead of a pass.
Customizing Word Microsoft Office Word 2007 Illustrated Complete.

Customizing Word Microsoft Office Word 2007 Illustrated Complete.
Get up to speed A new file format One more big change in the new version of Word: an improved file format. What does that mean to you? The new file format.

Get up to speed A new file format One more big change in the new version of Word: an improved file format. What does that mean to you? The new file format.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.

MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Excel Lesson 14 Creating and Using Macros Microsoft Office 2010 Advanced Cable / Morrison 1.

Excel Lesson 14 Creating and Using Macros Microsoft Office 2010 Advanced Cable / Morrison 1.
By Andrew Noske My PowerPoint Macros.

By Andrew Noske My PowerPoint Macros.
Word Lesson 16 Working with Macros Microsoft Office 2010 Advanced Cable / Morrison 1.

Word Lesson 16 Working with Macros Microsoft Office 2010 Advanced Cable / Morrison 1.
Other Features Index and table of contents Macros and VBA.

Other Features Index and table of contents Macros and VBA.
Introduction to VBA. This is not Introduction to Excel We’re going to assume you have a basic level of familiarity with Excel If you don’t, or you need.

Introduction to VBA. This is not Introduction to Excel We’re going to assume you have a basic level of familiarity with Excel If you don’t, or you need.
Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely John Deere presents:

Microsoft ® Office 2007 Training Security II: Turn off the Message Bar and run code safely John Deere presents:
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
1 CS 106 Computing Fundamentals II Chapter 17 “Introduction To VBA” Herbert G. Mayer, PSU CS status 6/30/2013 Initial content copied verbatim from CS 106.

1 CS 106 Computing Fundamentals II Chapter 17 “Introduction To VBA” Herbert G. Mayer, PSU CS status 6/30/2013 Initial content copied verbatim from CS 106.

Similar presentations

Ads by Google