Malware behind Microsoft Excel-based Sudoku generator

ID THN:8C413F909908FF436F2D785C2799E48B
Type thn
Reporter Mohit Kumar
Modified 2012-12-20T14:42:06


Sudoku is one of those games that I believe benefits your brain, but it is now not so good for your system. Peter Szabo from SophosLabs has identified a piece of malware that resides behind a Microsoft Excel-based Sudoku generator.

The malware, developed in Visual Basic, requires macros, a scripting language that allows users to create equations based on values in different columns and rows.

Microsoft disables macros by default because, in the past, macros were the weapon of choice for cyber criminals. But in order for the generator to work, the user must activate macros. Unfortunately, while the user is enjoying the Sudoku, the macro is installing malware on the targeted machine.

Keyboard and mouse macros allow sequences of keystrokes and mouse actions to be transformed into shorter commands, and a macro can also easily gather system information by using commands such as ipconfig and systeminfo.

Once the bug has collected a machine's IP address, running processes, installed applications and a host of other details, it encodes and sends the information to an email address with an suffix.
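A detection sketch for the behaviour described above, added here and not taken from the article or from SophosLabs: it flags ipconfig or systeminfo launched by any process descended from Excel, including the indirect case where the macro goes through cmd.exe. The event tuples, PIDs, paths and workbook name are constructed sample data, and the field layout is an assumption rather than any product's log format.

```python
import ntpath
import re

OFFICE_PARENTS = {"excel.exe"}
# The two commands the article names; extend for your environment.
RECON_TOOLS = re.compile(r"\b(ipconfig|systeminfo)\b", re.IGNORECASE)

# Constructed process-creation events: (pid, parent pid, image path, command line)
SAMPLE_EVENTS = [
    (400, 4, r"C:\Windows\explorer.exe", "explorer.exe"),
    (812, 400, r"C:\Office\EXCEL.EXE", r'EXCEL.EXE "C:\Users\a\sudoku.xls"'),
    (900, 812, r"C:\Windows\System32\cmd.exe", "cmd.exe /c ipconfig /all"),
    (901, 900, r"C:\Windows\System32\ipconfig.exe", "ipconfig /all"),
    (950, 812, r"C:\Windows\System32\systeminfo.exe", "systeminfo"),
    (970, 400, r"C:\Windows\System32\cmd.exe", "cmd.exe"),
    (971, 970, r"C:\Windows\System32\ipconfig.exe", "ipconfig"),  # user-typed, benign
]


def office_ancestor(pid, procs):
    """Return the PID of the nearest Office ancestor of pid, or None."""
    seen = set()                      # guards against parent loops / PID reuse
    pid = procs[pid][0]               # start the walk at the parent
    while pid in procs and pid not in seen:
        seen.add(pid)
        ppid, image, _ = procs[pid]
        if ntpath.basename(image).lower() in OFFICE_PARENTS:
            return pid
        pid = ppid
    return None


def detect(events):
    """Return (pid, office_pid, cmdline) for recon commands under Office."""
    procs = {pid: (ppid, image, cmd) for pid, ppid, image, cmd in events}
    alerts = []
    for pid, _ppid, image, cmd in events:
        # Check both the image name and the command line (covers cmd.exe /c ...).
        if not RECON_TOOLS.search(ntpath.basename(image) + " " + cmd):
            continue
        office_pid = office_ancestor(pid, procs)
        if office_pid is not None:
            alerts.append((pid, office_pid, cmd))
    return alerts


if __name__ == "__main__":
    for pid, office_pid, cmd in detect(SAMPLE_EVENTS):
        print(f"ALERT pid={pid} under Office pid={office_pid}: {cmd}")
```

The same ipconfig run from a shell the user opened (PID 971) is not flagged, because its ancestry never passes through Excel.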