GoogleがVirusTotal Malware Trends Reportを公開。メールの添付ファイルを通じたマルウエアの拡散手法は変わらず。従来のExcel,RTFなどは減少し代わりにOneNote、JavaScriptが2023年急増傾向。

VirusTotal Malware Trends Report: Emerging Formats and Delivery Techniques

WEDNESDAY, JULY 26, 2023

We just released a new edition of our “VirusTotal Malware Trends Report” series, where we want to share VirusTotal’s visibility to help researchers, security practitioners and the general public better understand the nature of malicious attacks, this time focusing on “Emerging Formats and Delivery Techniques”. Here are some of the main ideas presented there:

Email attachments continue to be a popular way to spread malware.

Traditional file types (Excel, RTF, CAB and compressed formats) are becoming less popular. Although the use of PDFs slowly decreased for the last few months in June 2023 we observed the biggest peak for the last two years.

OneNote and JavaScript (distributed along HTML) are the most rapidly growing formats for malicious attachments in 2023.

OneNote emerged in 2023 as a reliable alternative for attackers to the traditional use of macros in other Office products.

ISO files for malware spreading are a flexible alternative for both widespread and targeted attacks. Distribution as heavily compressed attachments makes them difficult to scan by some security solutions.

ISO files are being disguised as legitimate installation packages for a variety of software, including Windows, Telegram, AnyDesk, and malicious CryptoNotepad, among others.

quoted from VirusTotal Malware Trends Report

VirusTotal Malware Trends Report: Emerging Formats and Delivery Techniques
ジャイロセキュリティ
Nash
deep instinct
脆弱性診断
無料セキュリティポリシー配布中
ジャイロセキュリティ
ジャイロセキュリティ
Nash
deep instinct
脆弱性診断

無料脆弱性診断実施中

無料セキュリティポリシー配布中

無料
情報セキュリティポリシー
配布中

第三世代のウィルス対策
Nash
DeepInstinct
webサイト脆弱性診断
セキュリティポリシー
jyrosecurity (3)
Nash (4)
DeepInstinct
previous arrowprevious arrow
next arrownext arrow
Shadow