Macro Malware attacks have increased more than fourfold during the past quarter, along with increases in fileless malware developments and banking Trojans, according to the November 2015 McAfee Labs Threats Report.
The report highlighted that Macro Malware attacks were enabled by spearphishing campaigns that were designed to trick enterprise users into opening malware-bearing email attachments that looked legitimate.
The new malware is designed to remain hidden even after it downloads the malicious payloads.
Macro Malware were used extensively in the 90’s but it declined after platform providers like Microsoft took action to stop macro execution.
McAfee highlighted that compared to earlier attacks the latest macro campaigns are targeted towards large organisations.
The security service provider also conducted analysis of nearly 300,000 mobile apps and discovered two mobile Trojans "Android/OpFake" and "Android/Marry that exploited thousands of mobile banking accounts by exploiting back-end coding, abusing root privileges to silently install malicious code.
McAfee said that user data will remain under threat if app developers fail to follow the back-end providers’ security guidelines.
The two mobile banking Trojans, intercepted and exposed around 171,256 SMS messages of 13,842 banking customers, and remotely executed commands on 1,645 impacted mobile devices.
McAfee also found 74,471 samples of fileless attacks in the first three quarters of 2015.
The attackers load their infection directly into the legitimate memory space of a platform function, which hid behind a kernel-level API, or within the operating system’s registry of the victim’s system.
McAfee Labs’ Global Threat Intelligence (GTI) network also detected an average of 327 new threats every minute, or more than 5 every second with more than 7.4 million attempts were made to trick users into connecting to risky URLs.
It also recorded 3.5 million infected files targeting at McAfee customers’ networks.
