Cybercriminals have developed a dangerous new tactic. Hackers now hide malicious code inside image files on legitimate websites. HP’s latest Threat Intelligence Report exposes this growing threat. Attackers use pre-packaged malware kits and generative AI to boost their success rates.
The report analyzed millions of endpoints using HP Wolf Security. It uncovered multiple large-scale campaigns using identical techniques to spread dangerous malware.
Hackers embedded malicious code into images hosted on trusted websites like archive.org. This method helps criminals bypass security measures and network proxies.
Alex Holland, Principal Threat Researcher at HP Security Labs, warns about the commercialization of cybercrime. “Pre-packaged malware kits are becoming more accessible and user-friendly.”
The investigation revealed criminals using AI to create malicious HTML documents. These documents download and execute remote access trojans onto victims’ computers.
Attackers modify gaming cheat tools
Gamers face particular risks from this trend. Attackers modify gaming cheat tools on GitHub to include the Lumma Stealer malware.
This malware targets passwords, crypto wallets, and browser information. Many users disable their security tools to use these cheats.
“The barriers to entry for cybercrime are lower than ever,” Holland explains. “Even inexperienced criminals can build effective infection chains.”
Threat actors focus on selecting the perfect payload for their targets. They craft convincing traps using both AI tools and traditional techniques.
The report highlights how cybercriminals adapt their methods. They combine new technologies with social engineering to bypass security measures.
HP’s researchers emphasize the growing sophistication of these attacks. Modern cybercriminals use legitimate platforms to host their malicious content.
This development poses new challenges for cybersecurity professionals. Traditional security measures may not detect malware hidden within legitimate image files.
The report serves as a warning to organizations worldwide. They must stay vigilant against these evolving cyber threats.