Researchers Warn of Active Malware Campaign Using HTML Smuggling

Discussion in 'malware problems & news' started by guest, Aug 19, 2020.

  1. guest

    guest Guest

    Researchers Warn of Active Malware Campaign Using HTML Smuggling
    August 18, 2020
    https://threatpost.com/active-malware-campaign-html-smuggling/158439/
     
  2. guest

    guest Guest

    Duri campaign smuggles malware via HTML and JavaScript
    August 18, 2020
    https://www.bleepingcomputer.com/ne...ign-smuggles-malware-via-html-and-javascript/
     
  3. guest

    guest Guest

    Microsoft warns of weeks-long malspam campaign abusing HTML smuggling
    July 26, 2021
    https://therecord.media/microsoft-warns-of-weeks-long-malspam-campaign-abusing-html-smuggling/
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Doesn't Microsoft ever do any real work or effort testing for such on their own dang systems? No. They shove them out the door and cope with the fallouts later as usual.
     
  5. guest

    guest Guest

    Reports Point to Uptick in HTML Smuggling Attacks
    Menlo Security and Microsoft report recent campaigns implementing the technique, which helps attackers stealthily deliver malware.
    July 30, 2021

    https://www.darkreading.com/attacks-breaches/reports-point-to-uptick-in-html-smuggling-attacks
    Menlo Security: ISOMorph Infection: In-Depth Analysis of a New HTML Smuggling Campaign
     
  6. guest

    guest Guest

    Microsoft warns of surge in HTML smuggling phishing attacks
    November 12, 2021
    https://www.bleepingcomputer.com/ne...-of-surge-in-html-smuggling-phishing-attacks/
    Microsoft: HTML smuggling surges: Highly evasive loader technique increasingly used in banking malware, targeted attacks
     
  7. guest

    guest Guest

    Attackers use SVG files to smuggle QBot malware onto Windows systems
    By Bill Toulas @billtoulas - December 14, 2022
    Cisco Talos: HTML smugglers turn to SVG images
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,672
    Location:
    The Netherlands
    I guess I need to do some reading because I still can't fully picture how these attacks work. But from what I understood, they are not true ''drive by attacks'' since the user will still have to run the malware manually.
     
  9. guest

    guest Guest

    New 'Blank Image' attack hides phishing scripts in SVG files
    By Bill Toulas @billtoulas - January 19, 2023
     
  10. guest

    guest Guest

    HTML smuggling -- the latest way to to deliver malware
    By Ian Barker @IanDBarker - February 9, 2023
    SpiderLabs: HTML Smuggling: The Hidden Threat in Your Inbox
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.