Document-Based Malware on the Rise in 2019

shmu26

Barracuda researchers have uncovered an alarming new rise in the use of document-based malware. A recent email analysis revealed that 48% of all malicious files detected in the last 12 months were some kind of document. More than 300,000 unique malicious documents were identified!

Since the beginning of 2019, however, these types of document-based attacks have been increasing in frequency – dramatically. In the first quarter of the year, 59% of all malicious files detected were documents, compared to 41% the prior year.
Here’s a closer look at document-based malware attacks and solutions to help detect and block them.

 
Often document-based malware samples infect systems because they could download, by using embedded malicious scripts, more dangerous threats like ransomware, rootkits, bootkits, botnets, backdoors, keyloggers and others.

It's very important not to open all the emails we receive, especially those in the Spam folder, because they could have malicious documents as attachments. I would suggest opening our emails in a sandboxed browser to prevent damage from possible accidental downloads of malicious attachments and to block them in the sandbox so they cannot affect the real system.
 
I would suggest opening our emails in a sandboxed browser to prevent damage from possible accidental downloads of malicious attachments and to block them in the sandbox so they cannot affect the real system.
Accidental downloads can't hurt you unless you open them.
 
Yes, obviously; I was saying that executing them would be very dangerous.
I just wanted to point that out because to some people, less knowledgeable than you, it is not obvious at all. :)
Sometimes the forced downloads look very "safe", they look like they are just cute pics, and that does trick people into opening them. The danger can be mitigated either by sandboxing the browser, as you said, or by implementing a default/deny solution to protect from all accidental executions.
 
