wormmacro

Wormmacro is a descriptive term used in cybersecurity to refer to a class of self-replicating malware that propagates primarily by abusing macros embedded in document files. The term blends worm and macro to indicate its propagation mechanism rather than naming a specific program or family. It is typically used to describe macro-based worms across various platforms and generations.

Mechanism and behavior

Wormmacro threats are usually delivered as malicious documents, such as Word or Excel files, shared via email,

History and context

Macro-based malware has a long history dating back to late 1990s, with early Word macro viruses such

Detection and mitigation

Best practices include disabling macros by default, applying the principle of least privilege, and enforcing strict