What is a macro?
A macro or macro instruction is a program that automates a series of operations using the VBA language (Visual Basic for Applications), particularly in office software such as Excel or Word. You don't need to know how to program to use it.
A VBA macro is a procedure used to perform a series of tasks that could be time-consuming. It is often used to perform long and repetitive operations.
How do I use a macro?
First, you will need to create a macro. This is a fairly simple process. You need to start recording and perform actions.
For example, it's like you want to make a movie of your work: you start recording, complete each step, then stop recording at the end.
Your recording will then be saved in the software.
Then, when you want to perform all of these same actions, all you have to do is click a button or press the keyboard shortcut you defined earlier.
The macro will then run automatically.
To return to the example of the movie, when you open your file, you see the first frame of the movie, you start playback by activating the macro, and you arrive directly at the last frame of the movie. The steps are executed without the user being able to see them; they simply get the final result.
Macros therefore facilitate recurring tasks and are a practical and powerful tool.
But how do cybercriminals hijack their use to turn them against us?
Macros and cybercrime
Although they can be used without knowing how to manipulate code, macros generate VBA code to perform the requested tasks. By modifying this code, more complex tasks can be performed and written instructions can be added. This is how cybercriminals operate.
First, the hacker sends you an email containing a seemingly innocuous file with macros. They then hope that you will activate them by opening the document, thereby launching the malicious code they have written.
Finally, this code, known as a macro virus, can run on the system as soon as the document is opened, without any user intervention, sometimes even without their knowledge.
Macros are therefore a common vector for spreading attacks, particularly ransomware, such as Emotet , for example. Macros offer an almost infinite list of possibilities for malware authors, who are constantly evolving and becoming more sophisticated every day.
How can you protect yourself against macro viruses?
Macro viruses are mainly spread via email, as attachments in office documents that support macros.
To help you identify them, here are the document formats that support macros:
| For WORD | For PowerPoint | For EXCEL |
| .dot .docm .dotm | .pptm .potm .ppsm .ppam .ppa | .xls .xlt .xlsb .xlsm .xltm .xlam |
General recommendations for using files containing macros:
First, always refuse to run macros, and avoid opening documents that contain them.
Then, only enable macros if you are 100% sure of the document's origin.
Handle them with care, as the activation of malicious macros by a single user is enough to corrupt all of your organization's data.
To avoid falling into hackers' traps, help your users recognize critical situations with the solution Before You Click, a phishing awareness based on learning by doing.
