Sophos researchers are warning of malware being distributed in an Excel-based Sudoku generator and in a PowerPoint presentation entitled, "Will the world end in 2012?"
Both attacks require the user to enable macros in order to proceed. "It sounds perfectly reasonable, doesn't it? Generating Sudoku puzzles requires a program; to run the program requires macros. ... Of course, in the background a rather less amusing macro is installing and running some malware," writes Sophos' Richard Wang.
"The installed malware then gathers system information using some standard commands: ipconfig to get network information, tasklist for a list of all the programs and services a user is running, and systeminfo to find out about hardware, operating system and patches," Infosecurity reports. "The snooped data, which lays open a computer’s entire personality, is then encoded and mailed out to an aol.com address."
"The [end-of-the-world] PowerPoint presentation, once legitimate, was created by a preacher who has nothing to do with the infectious iteration," writes TechNewsDaily's Ben Weitzenkorn. "A SophosLabs researcher reported that his blog is now riddled with SEO garbage pushing phony Viagra and payday loans, and with other lowest-common-denominator trash."
"While macro viruses certainly aren't a new phenomenon, they aren't something many people think about," writes Sophos' Chester Wisniewski. "Be careful with documents you acquire from random sources and never enable macros in documents you download or receive as email attachments. You never know what might be lurking in there, but I suspect it won't be the end of the world."