This simple cyberattack is still among the most effective

HTML attachments may be simple, but remain deadly

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybercriminals may be getting more sophisticated by the day, but simpleHTMLfile distribution still remains one of the most popular tactics, new research shows.

According to telemetry data from cybersecurity company Kaspersky, in the first four months of 2022, there were more than two million maliciousemailscarrying weaponized HTML files.

March 2022 was the most active month of the year so far for this type of attack, with 851,000 detections. Last month saw just 387,000 detections, although Kaspersky says this could just be a “momentary shift”, and doesn’t necessarily suggest a shift in the wider trend.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Popular attack vector

HTML owes its popularity among cybercriminals to its effectiveness against antispam engines and other cybersecurity measures. Short for HyperText Markup Language, it is the standard markup language for web pages and other documents designed to be displayed in aweb browser.

When weaponized, HTML files can redirect users to malicious sites, have them downloadmalwareor viruses, and locally display various phishing forms.

As the language itself cannot be deemed malicious, it hardly gets detected by email security solutions, either.

‘Undetectable’ malware kit packs a whole load of threats into a single package>The little-known pact at the heart of cybersecurity>REvil ransomware is officially back in action

According to BleepingComputer, the technique saw its glory days in 2019, but remains a “common” technique in today’s phishing campaigns. The publication stresses that just opening HTML files is often enough to have JavaScript running on the targetendpoint, which could result in malware being assembled on the disk itself, thus bypassing any security software.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Email continues to be one of the most popular attack vectors for cybercriminals. It’s widespread and cheap, making it an ideal tool for the distribution of spyware,ransomware, and other malware, as well as phishing attacks.

Cybersecurity researchers are warning users to always be suspicious of incoming emails, especially when they carry links or attachments. Even if the email security solution installed on the device does not trigger a warning, HTML attachments should be treated as suspicious.

ViaBleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

I fell in love with the cute and compact Hyundai Inster, but it has one major drawback