Kaspersky researchers are often asked how targets are infected with malware. Their answer is nearly always the same: (spear) phishing. There will be exceptions, naturally, as they will encounter RCE vulnerabilities every now and then, or if the attacker is already on the network, they will use tools like PsExec. But that’s it — most of the time, anyway.
Last month, Kaspersky focused on infection methods used in various malware campaigns: methods that they do not see used very often. In this blog post, they provide excerpts from these reports.