The year 1997 saw an emergence of yet another powerful virus to battle with. A virus that caused an unprecedented, jaw-dropping damage of about $8 billion. This virus attacked seemingly innocuous and ever ubiquitous word documents and excel spreadsheets – especially through the “macros” route. Fast forward to 2008 and nothing seems to have abated. In fact, virus threats have multiplied and this now threatens the successful running of any organization that uses email for communication.
What are Macro Viruses?
Microsoft Office provides tools for software like Word and Excel that require “enabling Macros”; these are in essence embedded DIY programs for the user to automate mundane tasks performed repeatedly. These macros are easily modifiable programs that allow you to create mini-loops or programs that deliver mundane and recurring tasks automatically.
Although macros in Microsoft Word and Excel save a lot of time and provide ruthless efficiency for users, it just has one problem — It enables miscreants or virus makers to embed “Macro” viruses onto these programs so as to infect computers. Here’s the clincher: These “Macro” viruses aren’t operation system dependent and that means that they can spread through attachments in all too common Word and Excel documents and affect any computer, anywhere in the world.
Where are They Found & How do They Propagate?
Microsoft Word happens to be the breeding ground for these viruses, because documents contains text and some “Auto” macros pre-enabled already within the software module. Text with pre-enabled macros (as found in Word) provides a fertile ground to breed macro viruses. Ironically, the more potential for a user to unleash the power of a tool like Word, the more potential for the Macro viruses to proliferate.
These viruses then started to be found on Microsoft Excel workbooks too, making use of the OLE2 container files which combine macros with cell data (cell inputs) and other files.
These viruses, as stated above, have been spotted at an alarming rate and the potential to wreck havoc for individuals and organizations is mind-boggling.
How Does the Virus Spread?
A virus is defined by the way it spreads. You might have guessed by now that a Macro Virus spreads at a scorching pace through attachments sent to and from computers all over the world. Specifically, within a document the virus intercepts the Macro’s execution path by leveraging one or more of Word’s auto macros. They also present themselves by doing a menu replacement. The virus then proceeds to replicate this interception in the global environment by modifying the normal.dot file, for instance.
Another term for the virus is a “Letter Bomb” or “Virus Bomb” and it is said to cause itself to spread and distribute itself once downloaded as an attachment.
Depending on what macro has been targeted by the virus and the kind of resources and programs these macros have access to, those programs are liable to be damaged by this virus. One famous macro virus was Melissa, discovered in 1999. Just when one thinks it’s over, the ILOVEYOU virus unleashes its fury.
Are Macro Viruses Still a Threat?
Ever since the release of Windows 2000, then XP, Vista, Window’s 7 and today’s Windows 8, the prevalence of macro viruses has decreased. However, new viruses (hybrids) change their form and function, and threats arising from spam are increasingly a problem for businesses today. So you thought Macro viruses were dead? Maybe they are! But you now have rampant spam, PDF files, MP3 files and what-have-you. Prevention has never been this paranoid. Ever.