A recently uncovered, active campaign called “Duri” uses HTML smuggling to deliver malware.
The campaign uses HTML smuggling to deliver malware, bypassing various network security solutions, including sandboxes, legacy proxies and firewalls.
Krishnan Subramanian, a security researcher with Menlo Security, said that the campaign, discovered on Tuesday and named “Duri,” has been ongoing since July.
HTML smuggling is not really a new technique, as it has been used by attackers for a while, remarked Subramanian. This campaign shows that bad players continue to rely on older attack methods that are known to work.