There has been a significant uptick in attacks involving malicious files using Microsoft Office document formats in 2023, according to research by Kaspersky.
Kaspersky's detection systems found a 53% increase in attacks using malicious Microsoft Office documents, and other popular document formats such as PDFs, in 2023.
Analysis from the firm’s annual Security Bulletin shows the average number of malicious files detected each day across 2023, with Kaspersky detecting almost 125 million malicious files in total.
Since 2019 this number has increased from around just over 340,000 to over 410,000 malicious files detected by Kaspersky in 2023.
Windows remains the top target for cyber criminals, the report said, representing 88% of all malware detected every day.
Trojans continue to be the most popular type of malware, and backdoor trojans are on the rise in 2023. The number of files identified as part of backdoor trojan attacks increased from 15,000 in 2022 to 40,000 in 2023.
Backdoors are a particularly dangerous attack method as they involve covertly bypassing authentication systems to secure remote access to a system, from which they can execute a wide range of functions such as encrypting data to elevating access privileges.
Kaspersky’s head of anti-malware research Vladimir Kuskov warned the threat landscape is continually evolving with novel tactics, techniques, and procedures (TTPs) being unlocked with the adoption of new technologies such as artificial intelligence (AI).
“The number of vulnerabilities reported is also growing annually, and threat actors including ransomware gangs use them without hesitating. Furthermore, the entry barrier into cyber crime is now being lowered due to the proliferation of AI, which attackers use, for example, to create phishing messages with more convincing texts.”
Threat actors abuse trust with Microsoft Office files
RELATED RESOURCE
Distinguish the difference between fact and fiction when it comes to preventing file-based threats
DOWNLOAD NOW
Using popular Microsoft Office file formats to disguise malware has been a popular attack vector over recent years, with a widespread phishing campaign recorded in 2020 using compromised Excel macros to gain remote access to users’ systems.
Another Microsoft Office-related exploit uncovered in 2021 involved sending emails with a malicious Word file attached as a corrupted RAR archive.
After this file was uncompressed and opened, it infected the user’s system with information-harvesting malware Formbook that steals credentials from browsers, collects screenshots, and logs keystrokes.
-
HPE's new Cray system is a pocket powerhouseNews Hewlett Packard Enterprise (HPE) had unveiled new HPC storage, liquid cooling, and supercomputing offerings ahead of SC25
-
High performance and long battery life: How Dell AI PCs offer the best of both worldsUnlocking the true potential of on-device AI requires a perfect balance between software and hardware
-
CISA issues alert after botched Windows Server patch exposes critical flawNews A critical remote code execution flaw in Windows Server is being exploited in the wild, despite a previous 'fix'
-
Microsoft issues warning over “opportunistic” cyber criminals targeting big businessNews Microsoft has called on governments to do more to support organizations
-
A terrifying Microsoft flaw could’ve allowed hackers to compromise ‘every Entra ID tenant in the world’News The Entra ID vulnerability could have allowed full access to virtually all Azure customer accounts
-
Microsoft and Cloudflare just took down a major phishing operationNews RaccoonO365’s phishing as a service platform has risen to prominence via Telegram
-
Microsoft quietly launched an AI agent that can detect and reverse engineer malwareNews Researchers say the tool is already achieving the “gold standard” in malware classification
-
Microsoft patched a critical vulnerability in its NLWeb AI search tool – but there's no CVE (yet)News Researchers found an unauthenticated path traversal bug in the tool debuted at Microsoft Build in May
-
NCSC says ‘limited number’ of UK firms affected by SharePoint attack as global impact spreadsNews The SharePoint flaw has already had a wide impact according to reports from government security agencies
-
Hackers are using Microsoft 365 features to bombard enterprises with phishing emails – and they’ve already hit more than 70 organizations
News A new phishing campaign uncovered by researchers at Varonis shows threat actors are abusing Microsoft 365's Direct Send feature to launch phishing attacks.
