The Return of the Malicious Attachment

 
 
By Karen A. Frenkel  |  Posted 08-24-2015 Email
 
 
 
 
 
 
 
 
 
  • Previous
    The Return of the Malicious Attachment
    Next

    The Return of the Malicious Attachment

    A new report finds that attachment-based cyber-warfare campaigns have returned in full force, in part because they are efficient and cost-effective.
  • Previous
    What Caused the Return of Malicious Macros?
    Next

    What Caused the Return of Malicious Macros?

    Malicious macro attachment campaigns have grown rapidly in size and frequency because they: Very successfully evade leading traditional signature- and reputation-based defenses; Evade "newer behavioral sandboxes"; Are easily and inexpensively frequently updated
  • Previous
    More Reasons for the Growth of Malicious Macros
    Next

    More Reasons for the Growth of Malicious Macros

    Malicious macros also appeal to hackers now because they: Are cross-platform and unpatchable. They are not limited by vulnerabilities in specific OSs or application versions; Rely on end-user interaction to bypass automated defenses; Have low upfront and maintenance costs, which increase the ROI
  • Previous
    URL-Based Campaign Changes
    Next

    URL-Based Campaign Changes

    Instead of relying on unsolicited email to rope in users, exploit kits such as Angler, RIG and Magnitude deliver CryptoWall and other ransomware to Web servers and compromise infected ad networks.
  • Previous
    Attackers Exploit Social Media
    Next

    Attackers Exploit Social Media

    Distributing malicious content via social media pays off for hackers and scammers. A single phishing lure, malware link or spam message may reach 10,000 or more potential victims.
  • Previous
    High-Profile Current Events Exploited
    Next

    High-Profile Current Events Exploited

    Cyber-attackers target branded social media destinations linked to popular events like NFL Playoffs/Super Bowl, Valentine’s Day, and March Madness. They plant malicious content and lures specifically designed to attract massive demographics these events attract.
  • Previous
    Fewer Unsolicited Messages
    Next

    Fewer Unsolicited Messages

    Overall, the amount of unsolicited messages declined in 2014 compared to 2013 because of high-profile botnet takedowns.
  • Previous
    Message Volume Declined but Malice Increased
    Next

    Message Volume Declined but Malice Increased

    Although the decrease in message volume seems counterintuitive in light of late-2014 public record breaches, maliciousness made up for lost volume. Increased ransomware, other cyber-extortion techniques, and unsolicited email foiled anti-virus detection.
  • Previous
    Daily Unsolicited Message Volume
    Next

    Daily Unsolicited Message Volume

    Median daily volume of unsolicited messages dropped 30% from January to June of this year. The proportion of malicious URLs in these messages remained consistent, ranging from 10 to 20%, however.
  • Previous
    Recommendations
    Next

    Recommendations

    To combat these new threats: Adopt advanced threat solutions that use dynamic malware and predictive malware analyses to detect and stop new threats.; Automate your threat response; Incorporate robust, comprehensive threat intelligence into your digital forensics and incident response tools; Integrate security content enforcement and archiving for email and social media.
 

Malicious attacks have shifted from URL-based campaigns, which dominated last year, to campaigns that rely on attachments to deliver malware payloads, according to a new study. The study also found that phishing increasingly targets business users, and that social media enables attackers to pursue the largest audiences. The overall volume of unsolicited messages, however, continued to decrease. The June report, "ProofPoint Threat Report," addresses why cyber-criminals would resurrect a masking technique that went out of vogue in 2006. Researchers analyzed malware samples and visited forums frequented by Russian cyber-criminals and found that attachment-based campaigns have become popular again because of lower upfront and maintenance costs.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...