A new threat called “office exploit builder” allows attackers to generate stealth MS Office files (Word & Excel formats) with macros to download and execute malicious code on a victim’s machine.
Cybercriminals are increasingly using this “office exploit builder” and similar exploit builders. As a launching pad for attacks, these methods have proven successful time after time, because they require very few resources from the attacks while keeping their exposure minimal and almost completely undetectable.
Once the attachment is opened, a security warning is shown if macros are disabled on the victim’s machine. Upon clicking “enable content”, the malicious code executes.
Checking the document in virus total shows an impressive 11/55 detection ratio, making most AV vendors and security companies inefficient to this threat at the moment.