Duri is thought to have begun last month. It has proven to be an effective means of attack because it can circumvent many security programs, such as firewalls. The research post describes the actual process of infection as follows:
As one might guess, and as with any malicious campaign, there is always some interaction from the victim that allows the malware to be executed. In Duri’s case, however, it is more difficult for victims to discern the malicious nature of the ZIP files. As far as HTML smuggling campaigns go, Duri is incredibly complex and requires constant defensive security awareness.