Two-thirds of email malware delivered via PDF
Two-thirds of malware sent over email is being delivered through PDFs, according to a new report published by Palo Alto Networks’ Unit 42.
The report found that PDFs are now the most popular file type for delivering malware via email, as cybercriminals seek to use both existing vulnerabilities and new ones that are yet to be disclosed to expand their attack surface.
According to the report, there has been a 55% increase in vulnerability exploitation attempts per customer compared to 2021.
With all the attention being paid to ChatGPT, there has meanwhile been a 910% increase in monthly registrations for domains, both benign and malicious, related to ChatGPT.
Likewise, cryptominer traffic doubled in 2022, while threat actors are increasingly using newly registered domains for phishing, social engineering and spreading malware.
Attackers are meanwhile seeking new opportunities to attack victims using cloud workloads and IoT devices running on Linux-based operating systems. The most common types of threats against Linux systems are: botnets (47%), coinminers (21%) and backdoors (11%).
Another major trend involves the increasing use of encrypted malware traffic. Unit 42 estimates that 2.91% of malware traffic is already SSL encrypted, and malware families' use of encrypted traffic to blend in with benign network traffic is only expected to grow.
Palo Alto Networks Regional VP for ANZ Steve Manley said attackers are constantly evolving their techniques to stay ahead of attempts to curtail their activities.
“Threat actors are ... adopting multivector attacks that aim to bypass detection by employing various evasion tools and camouflage methods,” he said.
“They have become adept at exploiting vulnerabilities, and by the time security researchers and software vendors close the door on one vulnerability, cybercriminals have already found the next door to creak open. Organisations must, therefore, simultaneously guard against malware designed to exploit older vulnerabilities while proactively staying ahead of sophisticated new attacks.”