Hackers use old malware in new packaging to attack Windows 10 PCs
A team of security researchers at Glass Wall Solutions recently released a new threat analysis report. The report highlights the fact that around 85% of CVE malware came from known sources during Q1 2019.
Windows 10 has a bad history as far as the bugs are concerned. Certain vulnerabilities are an inherent part of each new update.
However, it is surprising to learn that hackers are now taking advantage of the vulnerabilities that have been fixed by Microsoft.
Hackers are distributing old malware in new packaging
This situation raises some important security concerns. Attackers are now using old malware to launch brand new attacks on your systems.
The attackers are well aware of the fact that many big enterprises and organizations are still using outdated platforms such as Windows 8, 7 and Windows XP.
These organizations have their own reasons to use these legacy systems in the operational environment. The researchers pointed out that around 37% of systems are still using Windows 7 OS.
Furthermore, the number of Windows 8, 8.1 and Windows XP users are 2.1 %, 7 % and 2.3 % respectively.
This situation makes the respective PCs an easy target. Windows CVE vulnerability trends show that CVE-2017-11882 is highly popular among cybercriminals.
CVE-2017-11882 is basically a vulnerability in the Equation Editor component of Microsoft Office software.
Anyone can take advantage of this vulnerability to get the privileges of a local user in order to run malware programs.
Furthermore, attackers used Office documents to target Windows systems. The File Type Trends show that attackers used 65% Word files, 25% Excel files, and 1% PDF files to spread malware.
Hence, these figures clearly indicate the fact that security vendors failed to protect user computers against known threats.
We can clearly see that attackers are now one step ahead of the game. They are just distributing old malware in new packaging.
Attackers are clever enough to change their tactics and techniques.
Malicious actors targetted Microsoft in 2017 and the history is now repeating itself. Remember the WannaCry episode?
Microsoft really needs to take control of the situation before its too late.
RELATED ARTICLES YOU NEED TO CHECK OUT:
- 1M Windows PCs still vulnerable to BlueKeep malware attacks
- Microsoft Azure is unintentionally hosting malware sites
- 5 best malware tracker maps to see security attacks happen in real-time