Hypertext Markup Language (HTML) Smuggling


Presented: May 11, 2021 11:00 am
Presented by: Charlie Merulla

Cybersecurity personnel have identified a new malware using a combination HMTL smuggling techniques, using HTML5 and JavaScript code. The malware downloads data stored in blobs (Binary Large Objects) and installs the malware on computers of unsuspecting victims. Detailed analysis reveals that the source was not a URL, but generated by JavaScript code. HTML smuggling is highly complex and requires continuous defensive security measures.

HTML smuggling was previously used with Dropbox for file sharing. Dropbox is no longer a preferred file sharing application. HTML smuggling is making its appearance on phishing emails as a means to increase their success rate. Attackers are constantly changing their strategy in order to make it more difficult to detect and evade security measures.

Computer Icon

Host a Webinar with CSIAC

Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?

Want to find out more about this topic?

Request a FREE Technical Inquiry!