EXECUTIVE SUMMARY:

During the first half of 2020, fileless malware was the most common critical-severity attack type, accounting for 75% of critical-severity attacks, according to recent data.

Find out about the fileless attack fooling users right now:

Cyber criminals are circulating a phishing email with the subject line “Your Right to Compensation”. The email contains inauthentic information about workers’ compensation rights. In addition, the plain-text message arrives with an attachment titled “Compensation manual.doc”. That’s the malicious component.

The document claims to be encrypted and asks users to enable editing in order to access the contents. People who grant editing permissions will be directed to a webpage that injects fileless malware into the computer’s Windows Error Reporting (WER) system.

“The threat actors compromised a website to host its payload and used the CactusTorch framework to perform a fileless attack followed by several anti-analysis techniques,” a report explains. This specific mode of infection makes the attack difficult to detect for users and tech experts alike.

How to guard against this form of fileless malware:

  • If you receive unsolicited information about workers’ comp, don’t click.
  • Avoid opening or granting editing permissions for any email attachments that you weren’t explicitly expecting.
  • Use antivirus software and run routine computer scans. This simple, disciplined step will ensure that you avoid major cyber security issues in the future.

For technical details pertaining to recent fileless malware attacks, visit Threatpost.