Even though infecting office documents with malware has been established for a long time, it is still very successful at tricking people.
According to recent Atlas VPN team findings, 43% of all malware downloads are malicious office docs. Harmful office files are popular among cybercriminals as they usually can evade many antivirus software from detection.
A year ago, in the second quarter of 2020, only 14% of all downloaded malware were malicious office docs. After that, in the third quarter of last year, the percentage jumped to 38%.
Later on, downloaded malicious office documents slightly decreased to 34% in Q4 2020 and Q1 2021. Despite that, downloaded malware as office documents went right back up to new highs at 43% the next quarter.
One of the most dangerous malware EMOTET was spread via Word documents before being disrupted in early 2021 by global law enforcement. What made EMOTET dangerous is that it opened doors for other malware installations such as information stealers, trojans, and ransomware.
It seems EMOTET’s success spread quickly in cybercriminal groups, inspiring more hackers to try out a similar technique. Another reason for malicious document success is that they can bypass antivirus and tend to manipulate being a trustworthy source.
For example, cybercriminals would mask malicious files and emails during the pandemic as registration for the vaccine or other financial benefits. It is easier to make people fall for malware when it is associated with reliable documents.
Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on malware attacks:
“Cybercriminals have benefited from the popularity of Microsoft Office and Google Docs by inserting malicious code into the files. Organizations must implement and maintain a cybersecurity strategy addressing both the technological and human components to protect users from falling victim to malware threats.”
To read the full article, go to: