Malicious Macros in Office Documents Find New Tricks to Evade Detection

June 9, 2016

Malware coders are some of the most creative and talented programmers you’ll find, and the speed at which malware keeps evolving stands as proof.

Zscaler, a San Jose-based security firm, has detailed one more case that proves this true.

While analyzing the most recent malware samples detected by their security software, the company’s experts came across malicious Microsoft Office documents whose macros employed not only new social engineering tricks but also new mechanisms for detecting analysis environments.

Malware coders are obfuscating their macro scripts

The cyber-criminals heavily obfuscated their macro code, hoping to thwart the security experts examining the macro’s tangled source.

This tactic had some of the desired effects, but Zscaler’s team prevailed, and their efforts were rewarded. The security researchers managed to get a glimpse of the most recent tactics employed by malware coders to detect virtual machines and malware analysis products.

