Cybercriminals are becoming more perfect but simple every day HTML file distribution remains one of the most popular tactics, new research shows.
According to the telemetry company of cybersecurity company Kaspersky, in the first four months of 2022 there were more than two million malicious emails containing armed HTML files.
March 2022 was the most active month of the year for this type of attack: 851,000 people were detected. Only 387,000 discoveries were recorded last month, although Kaspersky says it could be just an “instant shift” and does not necessarily indicate a shift in a broader trend.
A popular vector of attack
HTML owes its popularity among cybercriminals to its effectiveness against spam protection systems and other cybersecurity measures. Abbreviation for HyperText Markup Language, it is the standard markup language for web pages and other documents intended to be displayed in web browser.
When armed, HTML files can redirect users to malicious sites for download. malware or viruses, and locally display various forms of phishing.
Because the language itself cannot be considered harmful, it is also unlikely to be detected by email security solutions.
According to BleepingComputer, the technique saw its glory days in 2019, but remains a “regular” technique in today’s phishing companies. The publication emphasizes that simply opening HTML files is often enough to run JavaScript on target end pointwhich can lead to the assembly of malware on the disk itself, bypassing any security software.
Email remains one of the most popular attack vectors for cybercriminals. It is widespread and cheap, making it an ideal tool for spreading spyware, extortionistsand other malware as well as phishing attacks.
Cybersecurity researchers warn users to always be suspicious of incoming emails, especially if they carry links or attachments. Even if the email security solution installed on your device does not cause a warning, HTML attachments should be considered suspicious.
Through BleepingComputer
https://www.techradar.com/news/this-simple-cyberattack-is-still-among-the-most-effective/
