Researchers Warn of Active Malware Campaign Using HTML Smuggling
#1
Information 
Quote:A recently uncovered, active campaign called “Duri” makes use of HTML smuggling to deliver malware.
 
An active campaign has been spotted that utilizes HTML smuggling to deliver malware, effectively bypassing various network security solutions, including sandboxes, legacy proxies and firewalls.
 
Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign uncovered on Tuesday, dubbed “Duri,” has been ongoing since July.
 
It works like this: The attackers send victims a malicious link. Once they click on that link, a JavaScript blob technique is being used to smuggle malicious files via the browser to the user’s endpoint (i.e., HTML smuggling). Blobs, which mean “Binary Large Objects” and are responsible for holding data, are implemented by web browsers.
 
Because HTML smuggling is not necessarily a novel technique — it’s been used by attackers for awhile, said Subramanian — this campaign shows that bad actors continue to rely on older attack methods that are working. [...]

Read more: https://threatpost.com/active-malware-ca...ng/158439/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Messages In This Thread
Researchers Warn of Active Malware Campaign Using HTML Smuggling - by silversurfer - 19 August 20, 12:37

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AMD prepares Linux support for new Low P...
AMD Linux patch ad...harlan4096 — 07:16
Opera 149.0.7827.197
Dear Opera Users! ...harlan4096 — 07:14
Privazer 4.0.124.1 (28 June 2026)
v4.0.124.1 (28 Jun...harlan4096 — 07:13
GlassWire 3.9.1102 - (June 29, 2026)
Version 3.9.1102 -...harlan4096 — 07:12
AMD Radeon Software Adrenalin 26.6.4 dri...
AMD Radeon Software...harlan4096 — 07:10

[-]
Birthdays
Today's Birthdays
avatar (43)uapedDow
avatar (47)suiscced
avatar (48)Angarpaf
avatar (41)clarissalo60
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (41)optsaZes
avatar (40)RaymondViata
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>