A new Trojan horse, dubbed "Navia.a" by Panda Software, uses avian flu-related subject heads to dupe recipients into opening an attached Microsoft Word document.
Spammers and scammers have already used the public's fear and curiosity about the avian flu to spread their schemes, but now hackers have turned to the trick, a security company warned Thursday.
A new Trojan horse, dubbed "Navia.a" by Panda Software, uses subject heads of "Outbreak in North America" and "What is avian influenza (bird flu)?" to dupe recipients into opening an attached Microsoft Word document.
That's when Navia.a goes old school: the Word document is infected with malicious macros.
One of the macros makes several Windows kernel calls to allow the Trojan to create, change, or delete files, while the second installs "Ranky.fy," another Trojan that opens a back door to the PC.
“Unfortunately, we were expecting something like this," said Luis Corrons, director of Panda's research, in a statement. "This is not the first time, and won't be the last, that writers of malicious code have taken advantage of people's misfortune and anxieties to spread their Trojans and worms."
Word macro threats were once among the most visible, and most dangerous, but have fallen out of fashion. The most infamous macro threat was the Melissa virus of 1999, which debuted a propagation technique -- grabbing e-mail addresses from Microsoft Outlook -- that's still used by most mass-mailed worms and viruses.
To protect against a macro-based exploit, Word users should make sure that the macro security level is set at "Medium," which triggers a warning when a Word document containing one or macros is opened, or "High," to disable macros entirely.
In Word 2003, the setting is under the Tools menu, in the Macro/Security item.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.
Join us for a roundup of the top stories on InformationWeek.com for the week of April 24, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week!