We recently found that the malware family ROVNIX is capable of being distributed via macro downloader. This malware technique was previously seen in the DRIDEX malware, which was notable for using the same routines. DRIDEX is also known as the successor of the banking malware CRIDEX.
Though a fairly old method for infection, cybercriminals realized that using malicious macros work just fine–even against sophisticated defense measures.
more here.........http://blog.trendmicro.com/trendlabs-security-intelligence/rovnix-infects-systems-with-password-protected-macros/
Though a fairly old method for infection, cybercriminals realized that using malicious macros work just fine–even against sophisticated defense measures.
more here.........http://blog.trendmicro.com/trendlabs-security-intelligence/rovnix-infects-systems-with-password-protected-macros/