Microsoft warns of surge in HTML smuggling phishing attacks

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/microsoft-warns-of-surge-in-html-smuggling-phishing-attacks/

Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans (RAT).

While HTML smuggling is not a new technique, Microsoft is seeing it increasingly used by threat actors to evade detection, including the Nobelium hacking group behind the SolarWinds attacks.

How HTML smuggling works​

HTML smuggling is a technique used in phishing campaigns that use HTML5 and JavaScript to hide malicious payloads in encoded strings in an HTML attachment or webpage. These strings are then decoded by a browser when a user opens the attachment or clicks a link.

 

[wat0114]

There is a demo site for this type of attack:

https://www.outflank.nl/demo/html_smuggling.html







In reality, of course, I would be awfully hesitant to open a surprise document.

 

[Zartarra]

There is a demo site for this type of attack:

https://www.outflank.nl/demo/html_smuggling.html

View attachment 261926
View attachment 261927

View attachment 261928


In reality, of course, I would be awfully hesitant to open a surprise document.

site is blocked by Malwarebytes. No problem with McAfee or F-secure.

Thanks for the demo site.