Number of attacks using Microsoft Office files surges in 2023

There has been a significant uptick in attacks involving malicious files using Microsoft Office document formats in 2023, according to research by Kaspersky.

Kaspersky's detection systems found a 53% increase in attacks using malicious Microsoft Office documents, and other popular document formats such as PDFs, in 2023. 

Analysis from the firm’s annual Security Bulletin shows the average number of malicious files detected each day across 2023, with Kaspersky detecting almost 125 million malicious files in total. 

Since 2019 this number has increased from around just over 340,000 to over 410,000 malicious files detected by Kaspersky in 2023.

Windows remains the top target for cyber criminals, the report said, representing 88% of all malware detected every day.

Trojans continue to be the most popular type of malware, and backdoor trojans are on the rise in 2023. The number of files identified as part of backdoor trojan attacks increased from 15,000 in 2022 to 40,000 in 2023.

Backdoors are a particularly dangerous attack method as they involve covertly bypassing authentication systems to secure remote access to a system, from which they can execute a wide range of functions such as encrypting data to elevating access privileges.

Kaspersky’s head of anti-malware research Vladimir Kuskov warned the threat landscape is continually evolving with novel tactics, techniques, and procedures (TTPs) being unlocked with the adoption of new technologies such as artificial intelligence (AI).

“The number of vulnerabilities reported is also growing annually, and threat actors including ransomware gangs use them without hesitating. Furthermore, the entry barrier into cyber crime is now being lowered due to the proliferation of AI, which attackers use, for example, to create phishing messages with more convincing texts.”

Threat actors abuse trust with Microsoft Office files

Using popular Microsoft Office file formats to disguise malware has been a popular attack vector over recent years, with a widespread phishing campaign recorded in 2020 using compromised Excel macros to gain remote access to users’ systems.

Another Microsoft Office-related exploit uncovered in 2021 involved sending emails with a malicious Word file attached as a corrupted RAR archive. 

After this file was uncompressed and opened, it infected the user’s system with information-harvesting malware Formbook that steals credentials from browsers, collects screenshots, and logs keystrokes.