Macro Malware Development Issuses

Result code in IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F60162694%3AG43__%2F24%3A00560161" target="_blank" >RIV/60162694:G43__/24:00560161 - isvavai.cz</a>

Result on the web

<a href="http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=10171240" target="_blank" >http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=10171240</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/ICMT58149.2023.10171257" target="_blank" >10.1109/ICMT58149.2023.10171257</a>

Result language

angličtina

Original language name

Macro Malware Development Issuses

Original language description

Since the term 'phishing' first appeared in the 1990s, it is by far the most common attack performed by cybercriminals. Phishing exploits 'social engineering' to psychologically manipulate the victim into clicking on a link or opening a malicious attachment, etc., to steal the victim's sensitive information. Over time, phishing tactics have become increasingly sophisticated. Macro malware has also grown in popularity over the years. It easily conceals itself in Microsoft Office files and is spread via email attachments or ZIP files. By combining phishing and macro malware, the project aims to develop and program a functional malware demonstrator that spreads the content of documents and e-mail attachments. Analysis of related subjects, formulation of hypotheses, and implementation of specific experiments are the research methodologies used. The project simulated a real-life phishing attack with two main factors: malware macro and the hacker's server. Macro Malware was developed on Microsoft Excel using Visual Basic for Applications (VBA) and Visual Basic Script (VBS). The functionalities of a malware macro include hiding in an attachment, running automatically on opening files, setting up a remote connection with the hacker's server, and hiding communications with the remote server on the victim's computer. The hacker's server is developed in Python and uses the Socket Programming Method to directly control the victim's computer through Malware Macro. This project focuses on the development of Macro Malware, which exploits functionalities provided by Microsoft Office Applications in a 'malicious' manner. This has made anti-virus software detection and warning extremely difficult. The aim of this project is also to help readers understand the process lifecycle of a phishing attack with Malware Macro, which in turn will increase the awareness of these phishing attacks and the techniques being used.

Czech name

—

Czech description

—

Type

D - Article in proceedings

CEP classification

—

OECD FORD branch

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Project

—

Continuities

I - Institucionalni podpora na dlouhodoby koncepcni rozvoj vyzkumne organizace

Publication year

2023

Confidentiality

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Article name in the collection

2023 9th International Conference on Military Technologies, ICMT 2023 - Proceedings

ISBN

979-8-3503-2568-3

ISSN

—

e-ISSN

—

Number of pages

6

Pages from-to

—

Publisher name

Institute of Electrical and Electronics Engineers Inc.

Place of publication

Brno

Event location

Brno, Czech Republic

Event date

May 23, 2023

Type of event by nationality

CST - Celostátní akce

UT code for WoS article

—