New Malspam Disables Msoft Office Macro Security

By   ISBuzz Team
Writer , Information Security Buzz | Jul 12, 2021 04:35 am PST

BACKGROUND:

A new malspam variant that bypasses Office macro security to download Zloader was disclosed by McAfee on their blog Thursday. The variant disables Office defenses and delivers the Zloader banking trojan using a Word doc that downloads an XLS file. This downloads and executes malicious DLLs (Zloader) without any malicious code present in the initial spammed attachment macro. An expert with Gurucul offers perspective.