HP: Attackers Sneaking Malware into Images on Websites

HP Inc. has issued its latest Threat Insights Report, highlighting how threat actors are using malware kits and generative artificial intelligence (generative AI) to improve the efficiency of their attacks. Such tools are reducing the time and skill needed to create attack components, enabling attackers to focus on experimenting with techniques to bypass detection and trick victims into infecting their endpoints, such as embedding malicious code inside images.

The report provides an analysis of real-world cyberattacks, helping organizations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs in the fast-changing cybercrime landscape. Based on data from millions of endpoints running HP Wolf Security, notable campaigns identified by HP threat researchers include:

Malware-by-numbers kits: HP threat researchers observed large campaigns spreading VIP Keylogger and 0bj3ctivityStealer malware that leverage the same techniques and loaders, suggesting the use of malware kits to deliver different payloads. In both campaigns, attackers hid the same malicious code in images on file hosting websites like archive.org, as well as using the same loader to install the final payload. Such techniques help attackers circumvent detection, as image files appear benign when downloaded from well-known websites, bypassing network security like web proxies that rely on reputation.

GenAI helping to create malicious HTML documents: Researchers also identified an XWorm remote access trojan (RAT) campaign initiated by HTML smuggling, which contained malicious code that downloads and runs the malware. Notably, similar to an AsyncRAT campaign analyzed in the previous quarter, the loader bore hallmarks that indicate that it may have been written with the help of GenAI, for example, including a line-by-line description and the design of the HTML page.

Gaming cheaters never prosper: Attackers are compromising video game cheat tools and modification repositories hosted on GitHub, adding executable files containing Lumma Stealer malware. This infostealer scrapes victims' passwords, crypto wallets, and browser information. Users frequently deactivate security tools to download and use cheats, putting them at greater risk of infection without isolation technology in place.

"The campaigns analyzed provide further evidence of the commodification of cybercrime," said Alex Holland, principal threat researcher in the HP Security Lab. "As malware-by-numbers kits are more freely available, affordable and easy to use, even novices with limited skills and knowledge can put together an effective infection chain. Throw generative AI into the mix to write the scripts and the barriers to entry get even lower. This allows groups to concentrate on tricking their targets and picking the best payload for the job — for instance by targeting gamers with malicious cheat repositories."

By isolating threats that have evaded detection tools on PCs — but still allowing malware to detonate safely — HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on more than 65 billion email attachments, web pages and downloaded files with no reported breaches.

The report, which examines data from calendar Q3 2024, details how cybercriminals continue to diversify attack methods to bypass security tools that rely on detection, such as:

  • At least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.
  • Executables were the most popular malware delivery type (40%), followed by archive files (34%).
  • There was a notable rise in .lzh files, which made up 11% of archive files analyzed — with most malicious .lzh archive files targeting Japanese-speaking users.

"Cybercriminals are rapidly increasing the variety, volume and velocity of their attacks," said Dr. Ian Pratt, global head of security for personal systems, HP Inc. "If a malicious Excel document is blocked, an archive file in the next attack may slip through the net. Instead of trying to detect rapidly shifting infection methods, organizations should focus on reducing their attack surface. This means isolating and containing risky activities such as opening email attachments, clicking on links and browser downloads to reduce the chances of a breach."

HP Wolf Security runs risky tasks in isolated, hardware-enforced virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP's application isolation technology mitigates threats that can slip past other security tools and provides unique insights into intrusion techniques and threat actor behavior.

This data was gathered from consenting HP Wolf Security customers from July-September 2024.

In other news, HP Inc. announced the appointment of Carol Surface as chief people officer, starting March 24.

Surface has a proven track record for building high-performance, purpose-driven teams to deliver exceptional business results. With a career spanning some of the world's most iconic brands, she brings a wealth of global experience and insight to HP. Most recently, Surface served as chief people officer at Apple. Prior to that, she spent a decade as chief human resources officer at Medtronic, a global health-care technology leader, where Surface led transformation initiatives to drive growth, including the evolution of the HR operating model.

Her journey includes senior leadership roles at Best Buy, where Surface was CHRO, and PepsiCo, where she was instrumental in driving innovation and operational excellence. Known for her strong business acumen, Surface has a proven track record of leading operating model transformations and fostering agility in fast-moving and dynamic global environments.

Surface will succeed Kristen Ludgate, who announced her retirement last year after an impactful four-year tenure leading the people organization.

"Kristen has been an invaluable partner who we will deeply miss as she embarks on her next chapter," said Enrique Lores, president and CEO, HP. "This year, we have an opportunity to lead the future of work, and developing our culture and talent will be essential to achieving this goal. Carol brings the right experience and insight to guide us on that journey."

Surface earned a Ph.D. in industrial organizational psychology from Central Michigan University. She is a recognized HR thought leader, having served as vice chair of the HR Policy Association. Surface currently serves as a member of Gartner's CHRO Leadership Board and a member of the Advisory Board of the University of South Carolina Center of Executive Succession. In 2020, she was honored as a Fellow of the National Academy of Human Resources, the highest honor granted in the human resources profession.

In other news, HP Inc. and the HP Foundation are launching the 2025 Digital Equity Accelerator and its call for submissions. This year, the Accelerator has evolved to focus on equipping historically disconnected youth and adults with the critical skills needed to participate and thrive in an increasingly digital economy. Selected nonprofit organizations will receive $100,000 in HP Foundation grants, HP technology (~$100,000 value) and six months of programmatic support to scale digital equity solutions. For the first time, HP is offering the Accelerator program to four countries to further expand geographic reach. For the 2025 program, nonprofits in Greece, Indonesia, Nigeria and Spain, including those using AI to advance impact, are invited to apply. HP will accept applications until 11:59 p.m. EST on Feb. 12, 2025.

"At HP, we believe in harnessing technology to drive positive, lasting change, and we are dedicated to closing the digital divide for youth and adults who have been historically disconnected from digital access so they can succeed in an increasingly competitive digital economy," said Michele Malejki, global head of social impact, HP Inc., and director, HP Foundation. "As we enter our fourth year of the Digital Equity Accelerator, we are inspired by the progress made so far and are excited to see the innovative, AI-powered solutions that the 2025 cohort will bring forward to address digital equity challenges."

Equipping Youth and Adults for the Digital Economy

A $1 trillion-plus digital divide is limiting billions from achieving equal access to educational and economic opportunities. Through the Digital Equity Accelerator, HP aims to create a more equitable world through access to technology, digital literacy and AI, and quality skills content. The Accelerator helps organizations strengthen capacity and scale impact for digital equity solutions, particularly among people who are traditionally excluded.

Since 2022, Accelerator alumni have driven progress for many, advancing digital equity for educators, women, and disconnected youth, among others.

2025 Program Countries: Driving Digital Equity in Greece, Indonesia, Nigeria and Spain 

HP has strategically selected countries to address specific digital equity gaps. These countries represent diverse challenges in digital equity, aligning with HP's commitment to foster global digital inclusion.

  • Greece: Greece faces significant digital skill gaps, particularly among refugees, with only 52% of the population equipped with basic digital skills.
  • Indonesia: According to BPS data for 2023, 25.80% of Indonesian youth are classified as NEET (Not in Education, Employment or Training), with female youth facing double the unemployment rate compared to their male counterparts. This underscores the urgent need to address the digital skills gap and empower young Indonesians to thrive in the digital era.
  • Nigeria: Nigeria, despite having Africa's largest information and communications technology (ICT) market, only has 28% of its population using the internet, leaving many youth without employment or education opportunities.
  • Spain: While Spain ranks high in digital skills, there are still disparities, particularly among children and older generations, leaving gaps in access and job readiness for underserved communities.

Global Digital Divide Limits Equal Access to Educational and Economic Opportunities

The growing digital divide continues to reshape education and economic landscapes, impacting the future workforce and overall societal inclusion. According to the Global Education Coalition (GEC) report (2024), significant challenges persist despite progress:

  • Digital Inequity: A vast proportion of schools globally remain unconnected, with only 40% of primary, 50% of lower secondary and 65% of upper secondary schools having internet access, leaving millions of students without essential online resources.
  • Educational Shortfalls: More than one in five (23.5%) young people (aged 15-24) are not in education, employment or training, while only 45% of lower secondary teachers feel adequately trained to integrate technology into their teaching, even after receiving ICT training.
  • Gender and Regional Disparities: In Africa, only 36% of the population has internet access, with women being 16% less likely than men to use mobile internet, highlighting the need for gender-equitable solutions.

According to the World Economic Forum's Future of Jobs (2023), the skilled workforce is still diminishing, leaving employers without access to the talent needed to fill open jobs:

  • Global Talent Shortages: By 2030, the global economy could face a shortage of more than 85 million skilled workers, potentially leading to an $8.5 trillion shortfall in annual revenues if not addressed. According to a recent report, investing in AI-skilling for women and girls can unlock a staggering $212 billion for the global economy.

Since 2021, HP has been on a journey to accelerate digital equity for 150 million people by 2030, having reached 45 million people through 2023. This year's evolving focus on equipping youth and adults with critical skills reflects HP's commitment to bridging the digital divide and supporting economic inclusion. The Digital Equity Accelerator remains a cornerstone of this effort, investing in nonprofits to scale innovative solutions and create a more connected and inclusive world.
