Hackers Getting Back to Basics: Returning to malicious PDF files


Recent cybersecurity conversations have centred on how hackers are becoming more sophisticated with the help of advanced generative AI.

However, new research from Mimecast shows that businesses are seeing a steady rise in old-fashioned threats, such as malicious PDFs (158% increase) and Excel files (86% increase) in recent months.

Generally, users see relatively few malicious attachments due to the success of current defences and attackers usually use them against specific targets in spear phishing or business email compromise (BEC) attacks, focusing on executives and accounting departments.

But although they remain comparatively unseen, attackers are getting smarter in how they craft the attacks.

Overall, Mimecast sees attackers reducing their reliance on malware sent as attached files in favour of links that can be dynamically modified as links give the attacker the capability to change the payload on the fly and deploy additional covert capabilities.

Other trends observed by Mimecast include:

  • Users at small- and medium-sized companies face a greater number of threats than their larger counterparts because opportunistic attackers tend to see smaller companies as easier targets for phishing and ransomware campaigns.
  • On average, users saw more non-spam, non-malware threats in Q3 2023 compared to Q2 2023.
  • Attackers returned to pre-pandemic targets in Q3 2023, focusing on the internal groups and external services that are critical to business operations.
  • Cybercriminals are exploiting known vulnerabilities to launch attacks far faster than most organisations can patch their systems.
  • Attackers are increasingly using major providers’ cloud services to launch attacks, with an increasing amount of spam and phishing coming from public domains, such as gmail.com and outlook.com.

You can read the full report here.