Excel Malware Attacks Up Nearly 600% in Q4 of 2021

The bad guys have found a new – and quite successful – way to access your computer systems and networks with malware. This time they are using malicious Excel add-ins to get in.

Here’s how it works:

Users receive legitimate-looking emails with .XLL attachments or links. If the recipient double-clicks the attachment or link, they are then prompted to install and activate the add-in. The malicious code most often lives in the xlAutoOpen function, so it runs immediately once the user clicks to activate the add-in. This method of attack is especially effective and dangerous because it only requires one click to activate the malware. Once clicked, the infected computer contacts a server that provides further instructions. There are various results that can occur, depending on where the .XLL file was generated. For example, some computers are immediately infected with malware such as RedLine or Ficker Stealer, which allows the bad guys to steal sensitive data from your computer, including login information, FTP client information, passwords, credit card information and more.

Here’s what you need to do to protect yourself:

  • If possible, configure your email program to block inbound emails with .XLL attachments. This may already be a setting since .XLL files are not the type of file typically sent by email.
  • If you can’t disable all add-ins because you depend on them for other business software that integrates with Office, make sure your Excel settings only allow add-ins from trusted sources.
  • Set Excel to disable all proprietary add-ins.
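
The xlAutoOpen entry point and the advice to block .XLL attachments, combined into one attachment check (an added example, not code from this post or from the HP report): an XLL is a Windows DLL, so the check flags a file by its export table as well as by its extension. The function names, verdict strings and sample files are constructed for illustration.

```python
import struct

def pe_export_names(data):
    """Exported function names of a PE image; [] if data is not a parseable PE."""
    def off(rva):  # map an RVA to a file offset through the section table
        for vsize, vaddr, rsize, roff in sections:
            if vaddr <= rva < vaddr + max(vsize, rsize):
                return roff + rva - vaddr
        raise ValueError("RVA outside every section")
    try:
        pe = struct.unpack_from("<I", data, 0x3C)[0]           # e_lfanew
        if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
            return []
        nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
        opt = pe + 24                                          # optional header
        dirs = opt + (112 if struct.unpack_from("<H", data, opt)[0] == 0x20B else 96)
        sections = [struct.unpack_from("<8x4I", data, opt + opt_size + 40 * i) for i in range(nsect)]
        exp = off(struct.unpack_from("<I", data, dirs)[0])     # export directory
        count, names_rva = struct.unpack_from("<I4xI", data, exp + 24)
        table = off(names_rva)
        names = []
        for i in range(min(count, 4096)):  # cap guards against hostile counts
            p = off(struct.unpack_from("<I", data, table + 4 * i)[0])
            names.append(data[p:data.index(b"\0", p)].decode("ascii", "replace"))
        return names
    except (struct.error, ValueError):     # truncated or malformed input
        return []

def attachment_verdict(filename, data):
    """Block on the .xll extension or on content that exports xlAutoOpen."""
    if filename.lower().endswith(".xll"):
        return "block: .xll extension"
    if "xlAutoOpen" in pe_export_names(data):
        return "block: PE exports xlAutoOpen"
    return "allow"

def build_sample_dll(export_name):
    """Constructed, inert PE32 skeleton (headers and one export name, no code)."""
    rva, raw = 0x1000, 0x200
    edata = struct.pack("<24xI4xI4xI", 1, rva + 40, rva + 44) + export_name.encode() + b"\0"
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = struct.pack("<HH12xHH", 0x14C, 1, 224, 0x2000)
    opt = (struct.pack("<H", 0x10B).ljust(96, b"\0")
           + struct.pack("<II", rva, len(edata))).ljust(224, b"\0")
    sect = struct.pack("<8s4I", b".edata", len(edata), rva, len(edata), raw).ljust(40, b"\0")
    return (dos + b"PE\0\0" + coff + opt + sect).ljust(raw, b"\0") + edata

if __name__ == "__main__":
    for fn, blob in (("invoice.dat", build_sample_dll("xlAutoOpen")), ("report.xlsx", b"PK\x03\x04")):
        print(fn, "->", attachment_verdict(fn, blob))
```
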

How we are addressing this:

We recently rolled out SentinelOne to all our clients, which has several detection layers which in most cases will recognize the malware and warn the user to beware of the file. If it is still downloaded, it can roll back the device to its pre-infected state.

To learn more, you can access the report from HP here.

David Gracey: Since its founding in 1998, David has grown Network 1 into a top-notch IT services company dedicated to delivering the best solutions for Atlanta’s small and mid-size businesses. His responsibilities include creating the vision and strategy for its growth and establishing the culture of Network 1.

Network 1 designs, builds and supports the IT you need to run your business more securely, productively and successfully. Whether you want to outsource all of your IT needs to a reliable, responsive, service-oriented company, or need to supplement the work of your internal IT staff, we will carefully evaluate where you are now, discuss where you want to go and implement and support a plan to get you there with as little interruption as possible.
