What you need to know
- The Microsoft 365 Defender Threat Intelligence Team has made a post to raise awareness about the increased prevalence of HTML smuggling.
- HTML smuggling has the capacity to bypass many of the filters typically used to protect against dangerous files.
- Advanced though the technique may be, its activation still relies on the oldest trick in the book: Requiring a user to click on something they shouldn't.
Microsoft wants to make sure tech aficionados remain vigilant of the latest cyber threats, including HTML smuggling. HTML smuggling is a threat type the Microsoft 365 Defender Threat Intelligence Team has seen show up with increasing frequency in attacks looking to offload remote access Trojans (RATs) and banking malware onto unsuspecting targets. Threat actors such as the ones behind the massive SolarWinds drama of 2020 and 2021 are an example of those utilizing HTML smuggling.
Microsoft crafted a lengthy blog post (opens in new tab) on the subject, outlining what the threat is, how it endangers users, and what it looks like in the wild. A chunk of the content is highly technical, but there's a lot of digestible, informative detail in there as well. Here's an excerpt:
Spooky stuff, right? However, though that paragraph makes the threat easy to comprehend, it also highlights why this may not end up being a threat at all for a lot of people: It requires a voluntary click. And a lot of the time, an email packing danger is poorly written enough to unintentionally warn you in advance.
With that said, be sure to check out Microsoft's blog post for the full scoop on how HTML smuggling campaigns attempt to dupe users into exposing their machines. Sometimes, malicious parties can be pretty convincing.
Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to email@example.com.
I thought you packed Trojans to prevent viruses.
Thank you, Sven.
click it all !
Stay vigilant always.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.