Threat researcher explains why it’s tricky to tell the difference between legitimate Excel Macros and ones that deliver malware.
Image: solarseven, Getty Images/iStockphoto
Microsoft released Excel 4.0 for Windows 3.0 and 3.1 in 1992 and many companies still use this functionality in legacy operations. The problem is that bad actors have started using Excel sheets and macros as a new way to deliver malware.
Tal Leibovich, head of threat research at Deep Instinct, explained at a presentation during DEFCON 29 why this legacy scripting language has been the vehicle for a recent rise in malware delivery. Leibovich presented “Identifying Excel 4.0 Macro strains using Anomaly Detection” with Elad Ciuraru last week. Deep Instinct is a cybersecurity company specializing in endpoint protection and using deep learning to…