In response to the news that researchers at SophosLabs have detected a surge in Visual Basic malware, noting that macro-based malware accounted for 28 percent of all document malware in July, up from just six percent in June, Tim Erlin, director of security and risk at Tripwire says:
“Just like any developer, malware authors have multiple language choices for getting the job done. They have to consider the features of each language, including the relative market adoption, when creating a new product. VBA is on the rise because it supports features and capabilities that malware authors value. Portability and avoiding detection are high on the list of valued features in malware, though not to the end user or corporate security teams. It’s important to share this kind of trend data as it lets organizations react and establish controls that may mitigate the risk proactively.”