Recently, a new edition of the document known as VirusTotal Malware Trends Report, which focuses specifically on the methods of dissemination and the file formats used. The report edited by VirusTotal it allows insiders as well as experts in the sector to understand and prevent any cyber attacks.
To create all the data in this report, a database was used consisting of information collected, thanks to the contribution of ordinary users, from January 2021 until the end of June 2023.
According to research, attackers are always using new file types and tactics to bypass detection. The email attachments continue to be one of the main common means to propagate malicious agents.
In spite of this, however, the PDF format it remains one of the main vehicles exploited by cybercriminals and, indeed, its use has increased considerably at this juncture. Not for nothing, the largest spike in suspicious PDF files on record occurred in June 2023. Overall, this speaks to the 500% of increases from January 2021.
As stated on the report by VirusTotal “we have observed that these PDFs are used for various purposes; for example, they could be prepared to exploit a vulnerability, or simply contain a link to a phishing site requesting information“.
Malware via PDF? That’s not the only interesting fact: OneNote worries the experts
Beyond the impact numbers, there are also other worrying facts revealed by VirusTotal.
Among them stands out the introduction of OneNote as a replacement for macros to help spread malware. A technique that took most of the antivirus by surprise, causing considerable damage to the user. According to experts, this type of modus operandi will be one of the biggest cybersecurity challenges in 2023.
In this regard, VirusTotal states how “OneNote malicious files usually embed a malicious file (vba, html+jscript, PowerShell or more of them at the same time) and, as happens with malicious Office attachments, try to convince the victim to allow execution“.
Data in hand, it seems that even the use of file ISO to spread malicious agents is an increasingly common practice.
Returning to the PDF question, however, this is not the only “tested” technique for circulating rapidly growing malware. The use of attachments in email messages seems to have increased in 2022: an indication that certain methods never go out of style.