Macro Virus

2nd December 2020 | Cybrary Macro Virus


macro virus

A Macro Virus is a virus that adds its code to the macros embedded within documents, spreadsheets, and other data files. The first macro virus appeared in July of 1995 infecting a Word document. This rapidly became the dominant type of virus until the turn of the century, when Microsoft disabled macros by default in Office 2000 and later. Since then, cybercriminals using macro viruses have had to trick users into enabling macros for their infections to take place.

Macro viruses are embedded in Word documents, PowerPoint and Excel files, or even Microsoft database files. They’re often attached to emails, downloaded from fake download websites visited via phishing links or click bait news articles. They are difficult to detect, as they do not activate until an infected macro is run, at which time they perform their damage. 

Macro viruses are similar to a Trojan horse since they appear harmless and come with interesting packaging (salaries.xlsm, Calamity_Images.pptm). Notice the “M” in the extension.  Microsoft created unique file extensions to signal the presence of a Macro enabled file.  This also allows cybersecurity professionals, engineers, and vCISO’s to filter out “M” extension file types from email attachments.  Commonly filtered extensions for Microsoft Macro enabled viruses include:

Microsoft Files with Macros .docm, .dotm, .xlsm, .xltm, .xlam, .pptm, .potm, .ppam, .ppsm, .sldm

Unlike Trojans, macro viruses can replicate themselves and infect other computer files like a worm

Source: Kaspersky

Related Terms: Melissa Virus, Memory-Resident Virus, Morris Worm

What does this mean for an SMB?

To avoid macro-based viruses take these three steps:

  1. educate employees on the risks of macro-enabled files;
  2. filter file attachments in your email security system (if possible); and
  3. always deploy endpoint security solutions that can detect and remove macro and other viruses.

Schedule regular scans of your computers to clean infected documents.
 
Businesses might consider adding Anti-Malware products alongside Anti-Virus software on their systems. Defense-in-Depth is the name of the game when it comes to securing your organization.  Become more Aware to Become more Secure.

To learn more about Macro Viruses, watch this short 2 minute video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!


Sign Up Today!

Latest Blogs

Stay sharp with the latest security insights

Discover and share the latest cybersecurity trends, tips and best practices – alongside new threats to watch out for.

Make Phishing Training Count with HootPhish

Make Phishing Training Count with HootPhish

Stop tricking employees. Start training them. Take Control of Your Security Awareness Training with a Platform...

Read more
Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

Apple Alert: Critical AirPlay Vulnerabilities Expose Millions to Cyber Threats

A recent discovery by cybersecurity firm Oligo Security has unveiled a series of critical vulnerabilities in...

Read more
CyberHoot Newsletter – May 2025

CyberHoot Newsletter – May 2025

Welcome to CyberHoot's May Newsletter! This month, we're spotlighting key developments in the cyber threat...

Read more