Telltale sign
Kahng An, a member of the Cofense Intelligence Team, said in an email interview that there's a tell-tale sign of this kind of attack: “Basically, virtual hard drive files are expected to be fairly large as they're meant to be storage volumes for large amounts of data,” he wrote. Consequently, “notably small virtual hard drive files should be treated with suspicion as they're likely not being used appropriately. Email usually isn't a good medium for large file transfers either, so an attached virtual hard drive file should also be treated with suspicion regardless of its size.
“From a mitigation standpoint, it might be worth removing file associations for various virtual hard drive file extensions such as .vhd and .iso from most users' workstations. The average user in an organization probably won't ever have a legitimate reason to need to use virtual hard drive files, and those who do need access to them may have file associations restored as needed.”
So far this year, Cofense has seen threat actors use email campaigns containing virtual hard drives sent to a number of its enterprise customers. They included emails sent in May to employees at an unnamed bank with the subject line “2023 Tax supporting Paperwork.”
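The two signals An describes (any virtual hard drive attached to an email, and one that is notably small) can be checked at a mail gateway or in a triage script. The sketch below is an added example, not Cofense's tooling; the size cutoff, the extra extensions .vhdx and .img, the content check for renamed files, and the sample message are all assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# .vhd and .iso are named in the article; .vhdx and .img are assumed additions.
DISK_EXTS = (".vhd", ".vhdx", ".iso", ".img")
SMALL_BYTES = 50 * 1024 * 1024  # assumed cutoff for "notably small"; tune locally

def disk_format(data: bytes):
    """Identify a disk image by content so a renamed file is still caught."""
    if data[:8] == b"vhdxfile":                      # VHDX file identifier
        return "vhdx"
    if b"conectix" in (data[:8], data[-512:-504]):   # VHD header copy or footer
        return "vhd"
    if data[0x8001:0x8006] == b"CD001":              # ISO 9660 volume descriptor
        return "iso9660"
    return None

def scan_message(raw: bytes):
    """Return one finding per attachment that is, or looks like, a virtual disk."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        fmt, by_ext = disk_format(data), name.lower().endswith(DISK_EXTS)
        if not (fmt or by_ext):
            continue
        reasons = ["virtual disk attached to email"]
        if len(data) < SMALL_BYTES:
            reasons.append("notably small for a storage volume")
        if fmt and not by_ext:
            reasons.append("disk image content under another extension")
        findings.append({"name": name, "format": fmt, "size": len(data), "reasons": reasons})
    return findings

def build_sample() -> bytes:
    """Constructed test message: a 1.5 KiB fake VHD and a VHDX renamed to .pdf."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    vhd = b"\0" * 1024 + b"conectix" + b"\0" * 504   # footer cookie in last 512 bytes
    msg.add_attachment(vhd, maintype="application", subtype="octet-stream", filename="tax_docs.vhd")
    msg.add_attachment(b"vhdxfile" + b"\0" * 64, maintype="application", subtype="octet-stream", filename="invoice.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for f in scan_message(build_sample()):
        print(f)
```

Findings are meant to feed a quarantine or review queue; the content check matters because filtering on extension alone misses an image that has simply been renamed.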