The Duri attack campaign, launched by an unknown hacking group, has revealed that cybercriminals have devised a new intrusion technique: HTML smuggling. It allows hackers to distribute dangerous payloads while evading detection by security features.
HTML Smuggling Revealed as a New Hacking Method: Discovered via the Duri Attack Campaign
- Ransomware — These are file-encrypting viruses designed to encrypt user data with a strong cipher. Usually the files to be processed are selected from a hacker-created list. Most threats in this category will rename the victims' files with a given extension. The victims will then be extorted to pay a decryption fee, usually in cryptocurrency assets that are to be wired to a secure wallet address.
- Trojan Horse Infections — These are virus threats designed to silently deploy a local client engine onto the computers. They will establish a secure connection to the hacker-controlled server and allow the hackers to take over control.
- Cryptocurrency Miners — These are web scripts which can be run from within the browser windows. They are tasked with downloading and executing performance-intensive tasks. They place a heavy toll on the essential hardware components and may render the computer completely unusable. For every completed and reported instance the criminals will receive payment in digital cryptocurrency.
Using the Duri attack approach, the dropped payloads can be placed in such a way that they are installed as a persistent threat. This means that the virus will automatically start when the computer is powered on and that it can bypass the installed security services.