Left Menu

HP warns of rise in malicious PDF campaigns and Office exploits

Devdiscourse News Desk | California | Updated: 17-02-2024 10:38 IST | Created: 17-02-2024 10:38 IST
HP warns of rise in malicious PDF campaigns and Office exploits

Attackers are continuing to diversify attack methods to bypass security policies and detection tools, according to HP's quarterly HP Wolf Security Threat Insights Report, based on data gathered from consenting HP Wolf Security customers from October to December 2023.

Here are the key takeaways from the HP Wolf Security Threat Insights Report:

DarkGate campaign: It utilizes malicious PDFs, disguised as OneDrive error messages, to direct users to sponsored content where DarkGate malware is deployed. The use of ad services allows attackers to analyze and refine their campaigns for effectiveness.  The malware provides backdoor access to networks, posing significant risks like data theft and ransomware.

Secondly, the report shows that there has been a notable shift towards exploiting vulnerabilities in Office applications, with a significant percentage of intrusions involving spreadsheets (84%) and Word (73%) documents. However, macro-enabled attacks are still prevalent, especially when it comes to deploying commodity malware like Agent Tesla and XWorm.

According to the HP Wolf Security Threat Insights Report, there has been a significant rise in the use of PDFs to deliver malware (from just 4% in Q1 and Q2 2023 to 11% in Q4), with campaigns like WikiLoader deploying Ursnif malware through fake parcel delivery PDFs.

Cybercriminals are exploiting legitimate file and text-sharing websites like Discord and TextBin to host malicious files, which helps them avoid detection by anti-malware scanners.

Archives continue to remain the most popular malware delivery type for the seventh quarter running, used in 30% of malware analyzed by HP.

Commenting on this development, Alex Holland, Senior Malware Analyst in the HP Wolf Security threat research team, said, "Cybercriminals are becoming adept at getting into our heads and understanding how we work. For instance, the design of popular cloud services is always being refined, so when a fake error message appears, it won’t necessarily raise an alarm, even if a user hasn’t seen it before. With GenAI generating even more convincing malicious content at little-to-no cost, distinguishing real from fake will only get harder."

TRENDING

1
Taiwan defence ministry warns of 'serious impact' to security under new funding laws

Taiwan defence ministry warns of 'serious impact' to security under new fund...

 Taiwan
2
Japan Airlines systems hit by cyberattack, NTV says

Japan Airlines systems hit by cyberattack, NTV says

 Japan
3
Prayers and tears mark 20 years since Indian Ocean tsunami that killed some 230,000 people

Prayers and tears mark 20 years since Indian Ocean tsunami that killed some ...

 Global
4
UPDATE 1-At least 10 killed in Israeli strikes on Gaza, medics say

UPDATE 1-At least 10 killed in Israeli strikes on Gaza, medics say

Global

OPINION / BLOG / INTERVIEW

AI’s rapid growth fueling public health crisis

AI that forgets: New approach could revolutionize privacy and efficiency of large models

Revolutionizing Urban Waste: Circular Economy Solutions for a Sustainable Future

How Climate Change Impacts Nigeria’s Healthcare System and What Can Be Done

DevShots

Latest News

Connect us on

LinkedIn Quora Youtube RSS
Give Feedback
Subscribe to our Newsletter  

SECTORS

EDITIONS

OTHER LINKS

OTHER PRODUCTS

CONNECT

Devdiscourse

Email: info@devdiscourse.com
Phone: +91-720-6444012, +91-7027739813, 14, 15

VisionRI | Disclaimer | Terms of use | Privacy Policy

© Copyright 2024