Cybercriminals Use Macros to Deliver Rovnix Malware

  • 21 November 2014
  • 0 replies
  • 172 views

Userlevel 7
Badge +54
By Eduard Kovacs on November 20, 2014
 
The Rovnix Trojan has started leveraging macros embedded in innocent-looking Microsoft Word documents to infect computers, researchers at Trend Micro reported on Wednesday.
The use of macros in the infection chain is an old technique, but it can still be highly efficient. Last month, researchers at Palo Alto Networks reported that the Dridex banking Trojan, a successor of Cridex, was also leveraging macros.
However, in the case of Rovnix, the macros are password-protected, which makes the malware more difficult to analyze. Furthermore, cybercriminals have obfuscated the code with string concatenations and variable substitutions in an effort to evade detection by security products.
 
Full Article

0 replies

Be the first to reply!

Reply