Cyber Security Today: Malware has two weapons, another macro attack and more Android security patches

A new malware strain chooses which weapon to install, the latest macro attack targets shortcuts on your desktop and the latest Android security update is released

Welcome to Cyber Security Today. It’s Monday July 9th.  To hear the podcast, click on the arrow below.

Cyber Security Today on Amazon Alexa Subscribe to Cyber Security Today on Google Play Subscribe to Cyber Security Today on Apple Podcasts


I mentioned last week that criminals are finding ways to hide cryptomining software on computers. Kaspersky just detailed an even craftier scheme – malware that makes a choice of what to put on a victim’s PC. The capability has been added to the ransomware Kaspersky calls Rakhni, which has been around since 2013. This nasty piece of work can choose whether to install ransomware or a cryptocurrency mining module on a machine. As usual, the way you get infected is by downloading an attachment. Most common is an alleged financial document. After clicking on it Windows will push up a message asking for permission to run an executable file from an unknown publisher. If you say yes, you’re stung. If the malware finds a Bitcoin folder, it installs ransomware. If not, it installs the cryptocurrency miner.

To avoid being hit, be careful of clicking on attachments, even if they come from someone you know. Don’t run apps from unknown publishers, especially if the names sound similar to popular programs.

For those of you who don’t know, a macro is a set of computer commands a user creates that automatically run. It saves you time in repetitive tasks. But macros can also be used by attackers to automatically run a script you don’t want, usually through Microsoft Office. A researcher at Trend Micro last week found a new one: A macro that looks for and replaces shortcuts on your Windows desktop. When you click on the shortcut, the macro automatically downloads malware. This attack appears to be in its early stages. So far the shortcuts it looks for are for Skype, Google Chrome, Mozilla Firefox, Opera, and Internet Explorer on the desktop or the Quick Launch toolbar. However, new versions may be in the works. Microsoft disables macros by default, and gives users a warning if software asks you to enable macros. If that pops up and it’s not a macro you have created, just say ‘No.’

Finally, Google has released a new set of patches for Android. Hopefully your handset maker and carrier have agreed to distribute these updates. Unfortunately some don’t care to patch devices that are more than two years old. A number of the recent set of patches deal with critical vulnerabilities. If your device no longer gets security updates it’s a good reason to not download attachments or add any apps. It also may be time to buy a new device.

That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

ITWC podcast network

Subscribe to ITWC podcasts and never fall behind on the conversation in technology again. Our daily podcasts are perfect to add to your smart speaker’s daily briefing or to your favourite podcast app on your smartphone. 

Cyber Security Today Podcast

#Hashtag Trending Podcast