
Cryptolocker malware and ransomware threats on the rise

Cryptolocker malware and ransomware are increasing at a rapid rate, with these threats rising 167% over the previous quarter.

Positive Technologies, the enterprise security systems company, released its CyberThreatscape Q1, which revealed new data around infection via cryptolockers, an increase in the number of unique threats, an increasing number of hybrid Trojans, more attacks focused on data theft, and a decrease in cryptojacking.

Most notably, the data shows the cryptolocker infection rate has increased to 24% from 9% in the last quarter of 2018.

Cryptolocker attacks are commonly combined with phishing, as hackers are finding new ways to manipulate targets and gain ransom from them. As these attacks become more sophisticated, the victims of cryptolocker attacks are also reaching a higher level, for instance state institutions.

Positive Technologies cyber security resilience lead Leigh-Anne Galloway says phishing emails aren’t only used to spread viruses as hackers become smarter and more efficient.

“Phishing emails are still one of the most popular and efficient ways of delivering malicious software. But that’s not the only route of malware distribution by far.

“For instance, users download a lot of files from torrent trackers, which increases the risk of malware infection exponentially; also, using files that pretend to be movies, attackers have been able to distribute software for swapping addresses of Bitcoin and Ethereum wallets at the moment when data is inserted from the exchange buffer. These new methods of attack demonstrate how creative and sophisticated attackers are becoming,” Galloway says.

In addition to this, Positive Technologies’ research also showed that the number of unique threats increased by 11% from Q1 of the previous year. Comparatively, the share of targeted attacks dropped to 47% from 53% in the fourth quarter 2018.

Furthermore, since the start of 2019, there has been an increasing number of infections using multifunctional Trojans, or modular malware. These combine the functions of various types of malware for greater success. As an example, the DanaBot Trojan contains components for remote control and functions of a banking Trojan, and can also steal passwords from a number of applications.

The research also looked at what the cybercriminals were seeking first and foremost. The data shows that 54% of attacks are driven to gain information, from personal correspondence to commercial intel. Of the personal information, credentials, personal data, and payment card information are still the most valuable and sought-after, the research shows.

Victims are still a combination of individuals and businesses or organisations. The results showed individuals still account for 21% of all attacks, versus 22% in the fourth quarter of 2018.

When it comes to organisations, attackers most often hit government agencies (16%), medical institutions (10%) and industrial companies (10%).

The research also showed a drop in certain attacks. For instance, the number of attacks aimed at covert mining of cryptocurrency has decreased due to it becoming more complex and difficult. In Q1 of 2018, the share of miners rose as high as 23%, yet in Q4 2018 it fell to 9%, and in the first quarter of 2019 the share of cryptojacking was only 7%.
