HP Inc. recently released its latest “Threat Insights Report”, highlighting a worrying trend in the use of malware kits and generative artificial intelligence (GenAI) to enhance the efficiency of cyber attacks. These tools are reducing the time and expertise needed to create attack components, allowing attackers to focus on techniques to evade detection systems and deceive victims, for example by embedding malicious code within images.
The report analyzes real-world cyber attacks, providing organizations with crucial data to stay up-to-date on the techniques cybercriminals use to breach systems and break into PCs in a rapidly evolving cybercrime landscape.
“The cyber threat landscape continues to evolve rapidly, with increasingly sophisticated techniques putting the security of businesses and users at risk. The use of malware kits and GenAI makes attacks more effective and difficult to detect, requiring a change in approach in cybersecurity. In this context, regulations such as NIS2 and DORA impose more stringent security and resilience standards, pushing companies to strengthen the protection of their systems and data. It is essential to adopt advanced solutions that go beyond simple detection, capable of preventing and isolating threats in real time. HP Wolf Security is committed to providing advanced technologies that protect enterprise devices and data, helping to ensure a secure and resilient digital environment.” – Giampiero Savorelli, CEO HP Italy.
The data, drawn from millions of endpoints protected by HP Wolf Security, highlights several notable campaigns:
Campaigns distributing malware such as VIP Keylogger and 0bj3ctivityStealer use common techniques and loaders, indicating the use of malware kits to deliver different payloads. In these campaigns, malicious code is hidden within images on file hosting sites, such as archive.org, bypassing the websites’ reputation-based security systems.
“Cybercriminals are escalating attacks with ever-increasing speed and variety. If a malicious Excel document is blocked, the next attack could come in the form of an archive file, bypassing defenses. Instead of constantly chasing new infection methods, organizations should focus on reducing their own vulnerability. This means limiting risky activities, such as opening email attachments, clicking links, and downloading from browsers, to dramatically reduce the chances of an attack,” says Dr. Ian Pratt, Global Head of Security for Personal Systems at HP.
GenAI and malicious HTML documents: The use of GenAI to create malicious HTML documents was identified in a campaign spreading the XWorm remote access trojan. This technology helps write the code that is then used to download and launch the malware.
The threat also lurks in video games, precisely because some titles are so widely played. The report warns of risks in video game tools: hackers compromise cheat tools and video game modification repositories hosted on GitHub, adding executable files that contain Lumma Stealer malware, capable of stealing passwords, crypto wallet information and browsing data. Users often disable security tools to download and use these cheats, increasing the risk of infection.