Evil Clippy comes from Dutch security researchers Outflank: "a tool which assists red teamers and security testers in creating malicious MS Office documents. Amongst others, Evil Clippy can hide VBA macros, stomp VBA code (via p-code) and confuse popular macro analysis tools. It runs on Linux, OSX and Windows." Evil Clippy's magic depends in part on some awesomely terrible undocumented Office features, including "VBA Stomping": "if we know the version of MS Office of a target system (e.g. Office 2016, 32 bit), we can replace our malicious VBA source code with fake code, while the malicious code will still get executed via p-code. In the meantime, any tool analyzing the VBA source code (such as antivirus) is completely fooled." (via Eva)
Sunday, 5 May 2019
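As an added example (not from the original post or from Outflank), one defensive check for the mismatch described above is to compare the identifiers and string literals in a module's disassembled p-code against its stored VBA source. The listing format, the opcode set, the function names and the sample data are assumptions constructed for illustration.

```python
import re

# Opcodes whose operand names an identifier, in the mnemonic style printed by
# p-code disassemblers (assumed listing format; the sample below is constructed).
IDENT_OPS = {"Ld", "St", "ArgsCall", "ArgsLd", "ArgsMemCall", "ArgsMemLd", "MemLd", "MemSt"}

def pcode_tokens(disasm):
    """Collect identifiers and string literals referenced by the p-code listing."""
    tokens = set()
    for line in disasm.splitlines():
        parts = line.split()
        if not parts:
            continue
        if parts[0] == "LitStr":
            m = re.search(r'"(.*)"', line)
            if m and m.group(1):
                tokens.add(m.group(1))
        elif parts[0] in IDENT_OPS:
            # Assumed operand layout: optional "(Call)" flag, name, argument count.
            name = next((p for p in parts[1:] if re.fullmatch(r"[A-Za-z_]\w*", p)), None)
            if name:
                tokens.add(name)
    return tokens

def stomping_indicators(source, disasm):
    """Return p-code tokens that never appear in the stored VBA source."""
    src = source.lower()  # VBA identifiers are case-insensitive
    return sorted(t for t in pcode_tokens(disasm) if t.lower() not in src)

# Constructed sample: p-code that calls Shell, and two candidate source streams.
SAMPLE_PCODE = '''Line #0:
    FuncDefn (Sub AutoOpen())
Line #1:
    LitStr 0x000F "example-command"
    ArgsCall Shell 0x0001
Line #2:
    EndSub
'''
STOMPED_SOURCE = 'Sub AutoOpen()\n    MsgBox "Hello"\nEnd Sub\n'
MATCHING_SOURCE = 'Sub AutoOpen()\n    Shell "example-command"\nEnd Sub\n'

if __name__ == "__main__":
    print("stomped :", stomping_indicators(STOMPED_SOURCE, SAMPLE_PCODE))
    print("matching:", stomping_indicators(MATCHING_SOURCE, SAMPLE_PCODE))
```

An empty result only means every p-code token also occurs in the source text; it does not show that the two are equivalent.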


