Thanks to Utilizer for the heads up!
Posted on 04/28/2015 6:02:45 PM PDT by Utilizer
Office macro downloads malware used in JP Morgan heist.
Australian businesses are currently being hit by cloud storage hosted Microsoft Office macro malware in large numbers in a month-long campaign uncovered by security researchers.
Security vendor Trend Micro said its researchers detected an outbreak of spam that used fraudulent messages from the Automated Clearing House electronic funds transfer network that is regularly used by businesses for transactions with each other.
The spam messages link to Dropbox sites that contain malicious Microsoft Office macros - named Bartalex - which if enabled by users, proceed to download a variant of the Dyre banking malware.
(Excerpt) Read more at itnews.com.au ...
Ping.
Thanks to Utilizer for the heads up!
Are they all waiting on their half million dollars from the Nigerians, too?
If you read the article, they are not FROM Dropbox but TO Dropbox. The article is about how MS Office macros are being used to install a variant of the Dyre banking malware.
I interpreted this:
The spam messages link to Dropbox sites that contain malicious Microsoft Office macros
to mean that the macros are held at the Dropbox site, and the victims are downloading them from there.
Hmmm. It does seem rather confusing, but I still see it as the messages provide a link to Dropbox where the malware is based which then installs it.
I do not see that Dropbox itself is responsible for the email linkys. Could be, however.
It sounds like the got the link to the DropBox site via spam, and then got the macro from there and the macro installed the malware.
If you’re using Dropbox, you’re gonna have a bad time.
I work in the financial industry, and PCI came down hard on us when they found out some of our executives were using Dropbox. Sadly, Microsoft’s offerings with OneDrive are not PCI-compliant and our IT “leadership” is resistant to implementing Microsoft’s Direct Access.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.