Security researchers spotted the cyber offenders using macro malware as a vector in order to spread Neutrino Bot, which is also known as Kasidet, through spear phishing emails. Such email appears to be from a known person or a business. However, it is not. These emails appears from the same con artists who want your credit/debit card information, bank account details and other financial information from your machine. Over the past three weeks, criminal hackers have been using the same VBA (Visual Basic for Applications) macros found in the Microsoft Office that have been used to place the Dridex in order to drop Neutrino Bot as well. According to the researchers, the malicious MS Office documents are usually spread as an attachment by using spear phishing emails.
Once the malicious file attached on spear phishing mails downloaded, researchers observed a particular strain of Neutrino Bot stealing confidential information from the user’s computer via browser hooking and memory scrapping. Besides, the malware which uses macros was found onto the Microsoft Windows Office products, saw its heyday in late 90’s when it was first reported and identified as a Melissa virus. Furthermore, the Microsoft had taken measure security steps, which includes adding a permissions steps for the Office documents users, in order to help curtail the issues. However, a new and improved version of Office documents was spotted last year.