SophosLabs investigates the most popular Microsoft Office exploit kits

Malware authors have been using Microsoft Office document exploits for quite some time, but in the past couple of years, document malware has experienced a resurgence.

Typically, exploited documents are attached to email messages and sent out to large numbers of random recipients (in the case of cybercrime groups) or a smaller number of selected targets (in the case of APT groups).

Office exploit generators play a crucial role in making Office exploitation available to common cybercriminals. However, despite their significance, most Office exploit kits have not been covered in detail.

In a new research paper, SophosLabs Principal Malware Researcher Gabor Szappanos analyzes some of the most impactful Office exploit generators.

Some of the Office exploit kits are known to be commercial, available for purchase at underground marketplaces. Others seem to be commercial, but haven’t appeared in any of the marketplaces yet. Finally, there are tools that are available only to a handful of groups.

Download Gabor’s research paper to get a thorough analysis of several of the most popular exploit creation kits, plus illustrative examples of the malware campaigns SophosLabs has seen in recent years. Finally, learn what Sophos recommends you should do to stay secure.
