Tuesday, August 9, 2022

Puzzle fans warned of Excel-based Sudoku malware

Nothing like a nice game of Sudoku to calm your nerves at the office? Think again. Security software provider, Sophos Ltd. is warning fans of the popular puzzle that some Microsoft Excel-based Sudoku generator spreadsheets may contain malware-laden macros.

 

“It sounds perfectly reasonable doesn’t it?” according to Richard Wang, Sophos security expert. “Generating Sudoku puzzles requires a program; to run the program requires macros.” 

In his post in the official Sophos blog, Naked Security, Wang said the attackers are even providing puzzle users with simple instructions on how to turn on the macro:

 

 

Once the user bypasses the security measures, they are free to work on the puzzle. Unfortunately, while the user is enjoying the Sudoku, the macro is installing malware in the targeted machine, said Wang.

Macros are used to make a sequence of computing instructions available to a programmer as a single statement. Keyboard and mouse macros allow sequences of keystrokes and mouse actions to be transformed into shorter commands.

 

Attackers using macros are not a numerous as they used to be especially after Microsoft disabled macros by default to crack down on macros-base malware. However, Wang said, macros as still commonly used and Microsoft Offices has Visual Basic for Applications, accessible from Office documents as macros.

Relate content

Trend Micro updates mobile app against Samsung attack

Fortinet names top 6 network threats in 2013

The malware collects system information, network information, a list of all the programs and services running on the machine as well as data on hardware, operating system and patches.

The snooped data, Wang said, is encoded and mailed out to an aol.com address.

 

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.