Malware (short for malicious software) refers to software designed to intentionally damage, disrupt or breach an organization’s IT infrastructure.
‘Acrobat forms’ look just like any other form, but they may also contain active code such as JavaScript. This active code can be exploited by cybercriminals to launch attacks that are commonly missed by traditional detection-based cybersecurity solutions.
Macros and JavaScript are forms of active code. These extra file functions can perform actions without a user’s permission, starting a chain reaction of malicious events. When these are present in a document, they are often used by cybercriminals to mount an attack against the user or receiving system.
Cybercriminals can use DDEs in Microsoft documents to execute malicious code on a recipient’s computer.
If the ownership and trust of the certificate chain has been compromised, a cybercriminal could trick a user into opening a document that contains malicious content.
Embedded objects within files can be used to hide data or provide a way for active code to be triggered. These objects are often used by cybercriminals to perform actions without a user’s permission or knowledge.
Hyperlinks are often used in phishing attacks. Cybercriminals create links that look legitimate and trustworthy on the surface, but once clicked, take a user to a different destination and a chain of malicious events is activated.
Sensitive information that a company does not want to disclose to the public can be found within metadata. This could be the name of the author of a file or review comments. Cybercriminals can access this data, using it for malicious purposes, damaging the reputation of an organization when the breach is disclosed.