Which malware delivery techniques are currently favored by attackers?
2022-08-11 08:19

A wave of cybercriminals spreading malware families - including QakBot, IcedID, Emotet, and RedLine Stealer - is shifting to shortcut files for email malware delivery.

Shortcuts are replacing Office macros - which are starting to be blocked by default in Office - as a way for attackers to get a foothold within networks by tricking users into infecting their PCs with malware.

HTML smuggling reaches critical mass: HP identified several phishing campaigns using emails posing as regional post services or major events like Doha Expo 2023 that used HTML smuggling for malware delivery.

Novel execution technique sees shellcode hidden in documents spread SVCReady malware: HP uncovered a campaign distributing a new malware family called SVCReady, notable for the unusual way it is delivered to target PCs, through shellcode hidden in the properties of Office documents.

The malware - mainly designed to download secondary malware payloads to infected computers after collecting system information and taking screenshots - is still in an early stage of development, having been updated several times in recent months.

14% of email malware captured by HP Wolf Security bypassed at least one email gateway scanner.


News URL

https://www.helpnetsecurity.com/2022/08/11/email-malware-delivery-techniques/