Cybersecurity personnel have identified a new malware using a combination HMTL smuggling techniques, using HTML5 and JavaScript code. The malware downloads data stored in blobs (Binary Large Objects) and installs the malware on computers of unsuspecting victims. Detailed analysis reveals that the source was not a URL, but generated by JavaScript code. HTML smuggling is highly complex and requires continuous defensive security measures.
HTML smuggling was previously used with Dropbox for file sharing. Dropbox is no longer a preferred file sharing application. HTML smuggling is making its appearance on phishing emails as a means to increase their success rate. Attackers are constantly changing their strategy in order to make it more difficult to detect and evade security measures.