More and more criminals are using legitimate websites to obfuscate malicious payloads

[Gandalf_The_Grey]

Content source

https://www.techradar.com/news/more-and-more-criminals-are-using-legitimate-websites-to-obfuscate-malicious-payloads

Hackers are increasingly using legitimate websites to deliver malicious payloads to unsuspecting victims, researchers have revealed.

A report by cybersecurity experts Egress claims some of the world’s most popular websites are being abused to deliver malware, thus effectivelly bypassing standard link checks performed by antivirus and endpoint security solutions.

The paper, based on data taken from Egress’ integrated cloud email security platform, Egress Defend, says YouTube, Amazon AWS, Google Docs, Firebase Storage, and DocuSign are among the top 10 most frequently used websites for this purpose. Furthermore, there has been a 21% increase in the use of this method in Q1 2023, compared to Q4 2022.

“The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the need to enhance defenses to prevent attacks,” said Jack Chapman, VP of Threat Intelligence, Egress. “Every attack we analyzed had bypassed other forms of anti-phishing detection, including secure email gateways (SEGs).”

More and more criminals are using legitimate websites to obfuscate malicious payloads

Legitimate services can be used to bypass protections

www.techradar.com