PowerPoint is more dangerous than ever

6th October 2021
In its latest findings, McAfee has discovered that there has been a surge in malicious PowerPoint documents.
In its latest findings, McAfee has discovered that there has been a surge in malicious PowerPoint documents.


McAfee has discovered a new trend in cyberattacks that has risen this year: the phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint.


How is an attack launched?


An attacker will send a spam email with a PowerPoint document attached. When the user opens the PowerPoint, the VBA macro executes to deliver variants of the well-known password stealer, AgentTesla.


What is AgentTesla?


AgentTesla is a RAT (Remote Access Trojan) malware that was discovered in 2014. RATs like this are used as a MASS (Malware-As-A-Service) for attackers to steal under credentials via screenshots, keylogging, and clipboard information.

From Q1 to Q2, McAfee has seen PPT malware attacks triple in 2021. In these attacks, the spam email contains an attached file with a .ppam extension, a PowerPoint file containing VBA code. The sentiment used was finance-related themes such as: “New PO300093 Order” as shown below, where the attachment’s filename is “300093.pdf.ppam”.

PPAM files were first introduced in 2007 upon the release of Microsoft Office 2007. It is a PowerPoint macro-enabled Open XML add-in file and contains features that extend default PowerPoint Functions.

Book Review: Catching Giants.
Trending
Book Review: Catching Giants.

Since PowerPoint supports ‘add-ins’ developed by third parties to add new features, attackers abuse this feature to automatically execute macros. To learn more about how McAfee breaks down how to track the files released from the macros here.

READ MORE:
Symptoms of a wider issue

Earlier this year, Proofpoint and leading cybersecurity and top IT security research organization, Ponemon Institute, released a new study examining the Cost of Phishing. The report has revealed that the cost associated with phishing attacks has almost quadrupled in the last six years. As a result, large companies in the US are losing an average of US$14.8mn annually, or $1,500 per employee. This is a drastic $3.8mn increase from 2015’s figure.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

We think you'll like:

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

Overcoming the Obstacles to AI Adoption

Kit Cox • 02nd May 2024

The power of AI combined with suitable use cases and a robust implementation plan can help businesses to radically reduce the time spent on manual, repetitive tasks, and allow teams to prioritise value-added work. But in all the excitement, it’s evident that many businesses are held back by inertia, and a lack of understanding about...

Overcoming the Obstacles to AI Adoption

Kit Cox • 02nd May 2024

The power of AI combined with suitable use cases and a robust implementation plan can help businesses to radically reduce the time spent on manual, repetitive tasks, and allow teams to prioritise value-added work. But in all the excitement, it’s evident that many businesses are held back by inertia, and a lack of understanding about...

How Predictive AI is Helping the Energy Sector

Colin Gault head of product at POWWR • 29th April 2024

In the past year or so, we have seen the emergence of many new and exciting applications for predictive AI in the energy industry to better maintain and optimise energy assets. In fact, the advances in the technology have been nothing short of rapid. The challenge, though, has been in supplying the ‘right’ data to...

How Predictive AI is Helping the Energy Sector

Colin Gault head of product at POWWR • 29th April 2024

In the past year or so, we have seen the emergence of many new and exciting applications for predictive AI in the energy industry to better maintain and optimise energy assets. In fact, the advances in the technology have been nothing short of rapid. The challenge, though, has been in supplying the ‘right’ data to...

Cheltenham MSP is first official local cyber advisor

Neil Smith Managing Director of ReformIT • 23rd April 2024

ReformIT, a Managed IT Service and Security provider (MSP) based in the UK’s cyber-capital, Cheltenham, has become the first MSP in the local area to be accredited as both a Cyber Advisor and a Cyber Essentials Certification Body. The Cyber Advisor scheme was launched by the Government’s official National Cyber Security Centre (NCSC) and the...

How we’re modernising BT’s UK Portfolio Businesses

Faisal Mahomed • 23rd April 2024

Nowhere is the move to a digitised society more pronounced than the evolution from the traditional phone box to our innovative digital street units. Payphone usage has dropped massively since the late 1990s/2000s, with devices and smart phones replacing not only communication access, but the central community points that the payphones once stood for. Our...

How we’re modernising BT’s UK Portfolio Businesses

Faisal Mahomed • 23rd April 2024

Nowhere is the move to a digitised society more pronounced than the evolution from the traditional phone box to our innovative digital street units. Payphone usage has dropped massively since the late 1990s/2000s, with devices and smart phones replacing not only communication access, but the central community points that the payphones once stood for. Our...

What is a User Journey

Erin Lanahan • 19th April 2024

User journey mapping is the compass guiding businesses to customer-centric success. By meticulously tracing the steps users take when interacting with products or services, businesses gain profound insights into user needs and behaviors. Understanding users’ emotions and preferences at each touchpoint enables the creation of tailored experiences that resonate deeply. Through strategic segmentation, persona-driven design,...