Macro-based malware attacks targeting Windows machines running Microsoft Word have proved to be a long-standing and routine threat to PCs. Now, security researchers have discovered attackers developing malicious macros for Word documents on Apple’s Mac platform.

Macro exploitation has long been a staple with Microsoft Office programs. Essentially, macros automate specific tasks through a series of commands and actions. Coded and written in Microsoft’s VBA (Visual Basic for Applications), they are commonly abused by malware authors and cybercriminals for installing malware onto targeted computers. Security researchers are in agreement, recommending that users not enable macros.

While macros were frequently exploited by attackers targeting the Windows platform, researchers have now discovered the first instance of a malicious macro embedded in a Word document targeting Mac computers. Discovered by Patrick Wardle, head of research at security firm Synack, a Python-coded macro proceeds to download a malware payload that infects Mac machines, giving hackers a sweeping compromise of the targeted victim’s computer. The malware allows hackers to access a user’s browser history, enable the computer’s webcam and dump the keychain to steal credentials.

Overall, this malware sample isn’t particularly advanced. It relies on user interaction (the victim must open a malicious document in Microsoft Word, not Apple’s Pages) and needs macros to be enabled. Notably, Mac users are prompted to enable macros when opening the malicious Word document. If the warning is ignored, the embedded macro executes the command to download the payload. The function, coded in Python, is near identical to an open source Mac post-exploitation agent called EmPyre, which is also found targeting Linux machines.