This feature currently operates with Excel for Windows, Mac, and Excel Online. It’s initially being made available to Office 365 subscribers who are part of the Office Insiders Program.
The inclusion of automated elements within Microsoft Office applications has had a checkered and largely unsatisfactory history. Word macros, for example, have been historically notorious for providing hackers and fraudsters with a convenient avenue for spam generation, the launching of phishing email campaigns, and the distribution of malware.
Within moments of Microsoft’s announcement concerning custom functions for Excel, and their ability to reach beyond an organization’s firewalls, red flags and warning comments began issuing from the cyber-security community at large.
Shortly after the Microsoft announcement, security researcher Charles Dardaman was able to demonstrate this potential in a successful proof-of-concept (PoC) experiment.
On his blog, Dardaman explains how he “started to read Microsoft’s actual documentation on how to implement JS within Excel, and decided I could do this myself. I then signed up for an account on coinhive.com and started to download the preview build of Excel for macOS. After over an hour of downloading the preview on my 5mb down internet, I was able to get my hands on it and get Coinhive running within the newest preview build of Excel.”
Coinhive is a cryptocurrency mining tool which, once embedded in an Excel spreadsheet, initiates a cryptojacking operation on the host system, using its CPU and resources to mine the Monero cryptocurrency. Dardaman was able to configure his PoC spreadsheet to eat up 50% of the processing power of its host, but could have easily increased this figure – the challenge in a real attack being to limit the siphoning off of the victim’s resources to a level unlikely to be red-flagged by network monitors or security software.
For now, hitting the “Off” button would seem to be the best precaution for wary enterprise users. Charles Dardaman counsels that: