Microsoft has warned its Microsoft Office users of significant rise in malware attacks through macros in Excel and Word programs.
Microsoft says that there is more than a threefold jump in the malware campaigns spreading two different Trojan downloaders. These Trojan downloaders arrive in emails masquerading as orders or invoices.
The malwares are being spread through spam emails containing following subject lines accordingly to Microsoft
ACH Transaction ReportDOC-file for report is ready Invoice as requestedInvoice – P97291Order – Y24383Payment DetailsRemittance Advice from Engineering Solutions LtdYour Automated Clearing House Transaction Has Been Put On
And the attachment containing Adnel and Tarbir campaigns is usually named as following :
20140918_122519.doc
813536MY.xls
ACH Transfer 0084.doc
Automated Clearing House transfer 4995.doc
BAC474047MZ.xls
BILLING DETAILS 4905.doc
CAR014 151239.doc
ID_2542Z.xls
Fuel bill.doc
ORDER DETAILS 9650.doc
Payment Advice 593016.doc
SHIPPING DETAILS 1181.doc
SHIP INVOICE 1677.doc
SHIPPING NO.doc
Microsoft Technet blog says that the two Trojan downloaders.
TrojanDownloader:W97M/Adnel TrojanDownloader:O97M/Tarbir
Are being spread at a rapid pace through spam emails and phishing campaigns. Worryingly they are targeting both home PC users and enterprise customers and most of the victims are based in United States and United Kingdom.
Comments