Cybercriminals are constantly showing their creativity in circumventing our computer defenses.

Their latest discovery? The massive use of compressed malware, a technique that is rapidly gaining ground and worrying security experts.


Alarming progress

The latest security data reveal a spectacular 47% rise in attacks using "packed" malware in April alone. These malicious programs are deliberately compressed or encrypted with the specific aim of fooling traditional detection systems.

This strategy proves particularly formidable, as it enables hackers to conceal their true intentions until the critical moment of malicious code execution.

UPX: the tool of choice for cybercriminals

The UPX (Ultimate Packer for eXecutables) compression tool has become the hacker’s weapon of choice. Its popularity is due to its ease of use and accessibility: even novice cybercriminals can use it to create sophisticated malicious programs.

The process is simple but effective: hackers compress their executable files, making them much harder to detect with conventional antivirus solutions. This technique is particularly popular in ransomware attacks, where the encryption payload remains hidden until it is deployed.
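To make the detection problem concrete, here is an added example (not code from the article or from the UPX project) of the kind of static triage check a defender can run before a packed file ever executes. It parses the PE section table, looks for the section names UPX writes by default (UPX0, UPX1, UPX2) and its "UPX!" marker, and measures the Shannon entropy of each section, since compressed or encrypted data sits close to 8 bits per byte. The 7.0 entropy threshold, the `build_sample_pe` helper and both sample files are constructed for this example; the samples are minimal PE images, not real programs.

```python
import math
import random
import struct

# Section names UPX writes by default. An attacker can rename them, so treat
# a match as a triage signal, not as proof.
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}
# Entropy above this (the maximum is 8.0) suggests compressed or encrypted
# content. The 7.0 cut-off is an assumption chosen for this example.
HIGH_ENTROPY = 7.0


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: ~0 for repetitive data, close to 8 for compressed/encrypted data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def pe_sections(data: bytes):
    """Parse the PE section table; return [(name, size_of_raw_data, entropy)]."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                       # COFF file header follows the PE signature
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional      # section table follows the optional header
    sections = []
    for i in range(num_sections):
        off = table + 40 * i                  # each section header is 40 bytes
        if off + 40 > len(data):
            break
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        body = data[raw_ptr:raw_ptr + raw_size]
        sections.append((name, raw_size, shannon_entropy(body)))
    return sections


def assess_packing(data: bytes) -> dict:
    """Collect packing indicators and return an overall 'packed' verdict."""
    sections = pe_sections(data)
    reasons = []
    names = {s[0] for s in sections}
    if names & UPX_SECTION_NAMES:
        reasons.append("UPX section names: " + ", ".join(sorted(names & UPX_SECTION_NAMES)))
    if b"UPX!" in data:
        reasons.append("'UPX!' marker present")
    for name, size, ent in sections:
        if size and ent > HIGH_ENTROPY:
            reasons.append(f"high-entropy section {name} ({ent:.2f} bits/byte)")
    return {"packed": bool(reasons), "reasons": reasons, "sections": sections}


def build_sample_pe(section_specs):
    """Construct a minimal PE image (headers + section table + bodies) for testing.
    section_specs is a list of (name, body_bytes). This is a constructed helper."""
    header_len = 0x40 + 24 + 40 * len(section_specs)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)                  # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, 0, 0x102)
    table, bodies, ptr = b"", b"", header_len
    for name, body in section_specs:
        table += struct.pack("<8sIIIIIIHHI", name.ljust(8, "\0").encode(), len(body),
                             0x1000, len(body), ptr, 0, 0, 0, 0, 0x60000020)
        bodies += body
        ptr += len(body)
    return dos + coff + table + bodies


# Constructed samples: pseudo-random bytes stand in for a compressed payload,
# repetitive text stands in for ordinary code and data.
_rng = random.Random(2025)
PACKED_SAMPLE = build_sample_pe([
    ("UPX0", b""),
    ("UPX1", bytes(_rng.randrange(256) for _ in range(4096))),
]) + b"UPX!"
BENIGN_SAMPLE = build_sample_pe([
    (".text", b"mov eax, 1; ret\n" * 256),
    (".data", b"Hello, world\0" * 64),
])

if __name__ == "__main__":
    for label, sample in (("packed", PACKED_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, assess_packing(sample))
```

The section-name and marker checks are the cheapest signals and also the easiest for an attacker to strip, which is why the entropy measure is kept alongside them; conversely, plenty of legitimate software ships UPX-packed, so a hit should route the file to sandboxing or behavioral analysis rather than be treated as a verdict on its own.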

Teleworking: fertile ground for attacks

Companies that have adopted telecommuting or hybrid working models are on the front line of this threat. The widespread use of VPNs and cloud services multiplies the potential points of entry, each of which is a security gap for cybercriminals to exploit.

This increased vulnerability is due to the difficulty of maintaining a consistent level of security across all remote access points, unlike a traditional office environment which is easier to secure.

An ever-changing threat landscape

Alongside this trend towards compressed malware, analysts are observing other worrying developments:

The rise of targeted VPN attacks: hackers are particularly targeting FortiGate VPN vulnerabilities, with a 38% increase in intrusion attempts. By exploiting these vulnerabilities, they are able to bypass authentication and gain full administrator privileges.

Discreet theft replaces encryption: a new approach is emerging among cybercriminals. Rather than encrypting data to demand a ransom, they now prefer to steal it discreetly and then blackmail companies. This technique, up 26%, is often more lucrative and less risky.

Recently discovered critical vulnerabilities: two major vulnerabilities were identified this spring in CrushFTP and Next.js, enabling hackers to access web servers and applications without authentication.

How can I protect myself?

Faced with this growing threat, companies need to adapt their security strategy. It is no longer enough to rely solely on traditional antivirus solutions. A multi-layered approach including behavioral detection, heuristic analysis and continuous monitoring of suspicious activity is becoming essential.

Training IT teams and raising user awareness also remain fundamental pillars of an effective cybersecurity strategy, particularly in a hybrid working environment where risks are multiplying.


Need help securing your IT infrastructure? Our team of experts can help you implement a security strategy tailored to your needs. Contact us for a free systems audit.
