First of all, what should they be called?Macro VirusesYes, an eerie name to begin with. As defined by Kovaks, N. (2018) from
Norton.com, a
macro virus is a computer virus written in the same macro language that is used for software applications. A macro language is a special type of programming language (though not a full language, more like a command-only language) that automates program events. Famous applications such as Microsoft's Word and Excel, are some examples that would be most likely encountered. Any other apps may be carriers too. '.exe' files are some notorious ones too, but doesn't use macros. These files are brought to you through emails, downloading of other apps, clicking unknown hyperlinks, et cetera.
So how do they transmit viruses?Let's say you've downloaded the infected file. Using the definition given above, we can easily understand that these viruses uses the command automation ability of the macro language to inflict their damage. The virus would be inserted between these commands, and by simply opening the file, BOOM! The virus would now have infected your other files and probably have replicated itself. And if you didn't knew that happened, it would take a while before you even notice it.
One famous example of this is the Melissa Virus, March 1999. It is an email that contains a file saying that it is the file requested by the user. When the user opens it, the macro then resends itself to several other contacts from the user's list. Although harmful, it made Microsoft really alarmed.
This is also similar to viruses passed when an infected USB stick is plugged into your computer, when it doesn't transmit the virus the moment you plug it, then it will when you open it.
Is this harmful?No, but yes. According to a topic about Word macro viruses on Microsoft Support's FAQ Section, "Some macro viruses are annoying but not harmful; others can be very destructive." They also claim that it will only affect other similar files and not actual software, which in most cases is true and there are no major news of its having to disrupt certain systems (correct me if I'm wrong). It does get annoying especially these virus can modify or create files, cause error prompts, and even slow down your computer. Microsoft Support also specified encountering the word "WAZZU" on random locations.
However, we should not dismiss the fact that it is very likely that these may have the power to open the path for other malicious software to enter your system, those that can bring serious trouble. User @kiklo uncovered a connection between macro virus and ransomware, a must read:
https://bitcointalk.org/index.php?topic=1590315.msg15980762#msg15980762. So it is best to get rid and avoid all of those.
How do I avoid it?Simply, don't open nor download files that are from untrusted and suspicious origins. Be wary when downloading files from unsafe sites. Have an antivirus installed so it may block it before it even enters your system.
Please also note that these tips shouldn't just apply to this particular scenario but can also protect you from many virus attacks too.
I've also mentioned a similar transmission when opening an infected USB stick, I know a trick to still access it without clicking it. You can type it from the address bar of the Windows pane (e.g. 'F:') so you can access it without triggering the virus. I don't know if it is still a usable trick today, but that's what I do when my PC is plugged with an unknown stick.
If my system has already been infected, is there a way to remove it?Hopefully yes, and as I've read it may also be simple. There is a manual way to do it as explained here:
https://us.norton.com/internetsecurity-malware-macro-viruses.html#:~:text=What%20is%20a%20macro%20virus%3F,languages%20are%20embedded%20in%20documents. It's in the "How do I get rid of the macro virus" part.
User @asianguy845 made an interesting list in avoiding and removing viruses here:
https://bitcointalk.org/index.php?topic=5257348.0Most of the time, different viruses have different ways to treat. Some can only be done manually, most can be done with the help of safe third-party apps. Avoid them all, on most times, by installing an anti-virus.
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Thank you for reading this simple thread about Macro Viruses and I hope it helps or may help you in the future. May this be helpful for everyone, and please keep safe from these traps.
If you want to read more about Ransomware, you may find this informative:
https://bitcointalk.org/index.php?topic=5280739.0If you want to know more about macro-related virus attacks, I'd suggest you read this:
https://searchsecurity.techtarget.com/definition/macro-virusREFERENCES:
Kovaks, N. (2018). Everything you need to know about macro viruses.
Norton. Retrieved October 24, 2020 from
https://us.norton.com/internetsecurity-malware-macro-viruses.html#:~:text=What%20is%20a%20macro%20virus%3F,languages%20are%20embedded%20in%20documents.
Word Micro Viruses (updated, 2018).
Microsoft Support. Retrieved October 24, 2020 from
https://support.microsoft.com/en-ph/help/211607/frequently-asked-questions-about-word-macro-virusesRouse, M. (2018). macro virus.
TechTarget Network. Retrieved October 24, 2020 from
https://searchsecurity.techtarget.com/definition/macro-virus
