Increased malware attacks via Excel files
So-called Excel add-ins extend optinal commands and features for Microsoft Excel. However, security researchers at HP have observed a particular trend of an increase in cyber attacks via Excel extension files.
HP's security team identified a large number of cyber-attacks in which Excel add-in files were misused to deliver malware. The number of attackers infecting systems with malicious Excel add-in files had increased six-fold compared to the last quarter.
For example, the cyber criminals can gain access to companies and individuals via malicious Excel extensions and continue their attack tactics with ransomware attacks.
According to HP Wolf Security, the technique via Excel add-ins is particularly dangerous because the malware can be executed with just one click. The security researchers were also able to identify various malware construction kits, which also make it easier for inexperienced attackers to carry out such attacks.
Other findings from HP's security study:
- 13 percent of the isolated email malware had bypassed at least one gateway scanner.
- 136 different file extensions were used in the attempts to infect companies.
- 77 percent of the detected malware was spread via email, 13 percent via Internet downloads.
- The most common attachments used to spread malware were documents (29 percent), archives (28 percent), program executables (21 percent) and spreadsheets (20 percent).
- The most common phishing lures related to New Year or business transactions with keywords such as "order," "2021/2022," "payment," "purchase," "inquiry," and "invoice."
Source: HP Wolf Security
