Attackers utilize a variety of methods to deliver malicious software to a target system. The most common techniques to deliver malware are listed below.
|
Phishing Attacks Attackers send fraudulent emails or messages that manipulate recipients into taking actions that ultimately allow for malware delivery.
|
|
Social Engineering Attackers employ a variety of methods in order to convince the victim into taking action that gives them access to the target system. This includes impersonating trusted entities like IT support, colleagues, friends or authorities. Reconnaissance on social media is often an integral part, giving the attacker important information to carry out the social engineering attack. |
|
Malvertising Cybercriminals use malicious ads (e.g. job ads) which deliver malware when the visitor interacts them. These types of ads are either posted on legitimate web sites or delivered through ad networks that previously infiltrated. |
|
Watering Hole Attacks Though not common, attackers compromise web sites which are frequently visited by employees of a targeted organization. |
|
Public Code Repositories (GitHub etc) Cybercriminals infiltrate open source projects hosted on popular public code repositories, where they covertly inject their malicious code into popular software and scripts. Project maintainers - especially of larger projects containing hundreds of files - may not immediately notice this, since the malicious code blends in with legitimate code. Software developers then download and run the tainted code on their systems - giving the attacker essentially direct access to the software developer's workstation. In the worst case the developer distributes the code to customers, turning this into a supply chain attack. |
