sb-as logo
Story image

Cryptolocker malware and ransomware threats on the rise

Cryptolocker malware and ransomware is increasing at a rapid rate, with these threats rising 167% over the previous quarter.

Positive Technologies, the enterprise security systems company, released its CyberThreatscape Q1, which revealed new data around infection via cryptolockers, an increase in the number of unique threats, an increasing number of hybrid Trojans, more attacks focused on data theft, and a decrease in cryptojacking.

Most notably, the data shows the cryptolocker infection rate has increased to 24% from 9% in the last quarter of 2018.

Cryptolocker attacks are commonly combined with phishing, due to the fact that hackers are finding new ways to manipulate targets and gain ransom from them. As these attacks become more sophisticated, victims of cryptolocker attacks also reachers a higher level - for instance state institutions.

Positive Technologies cyber security resilience lead Leigh-Anne Galloway says phishing emails aren’t only used to spread viruses as hackers become smarter and more efficient.

"Phishing emails are still one of the most popular and efficient ways of delivering malicious software. But that's not the only route of malware distribution by far.

“For instance, users download a lot of files from torrent trackers, which increases the risk of malware infection exponentially; also, using files that pretend to be movies, attackers have been able to distribute software for swapping addresses of Bitcoin and Ethereum wallets at the moment when data is inserted from the exchange buffer. These new methods of attack demonstrate how creative and sophisticated attackers are becoming,” Galloway says.

In addition to this, Positive Technologies’ research also showed that the number of unique threats increased by 11% from Q1 of the previous year. Comparatively, the share of targeted attacks dropped to 47% from 53% in the fourth quarter 2018.

Furthermore, since the start of 2019, there have been an increasing number of infections using multifunctional Trojans, or modular malware. These combine the functions of various types of malware for greater success. As an example, the DanaBot Trojan contains components for remote control and functions of a banking Trojan, and can also steal passwords from a number of applications.

The research also looked at what the cybercriminals were seeking first and foremost. The data shows that 54% of attacks are driven to gain information, from personal correspondence to commercial intel. Of the personal information, credentials, personal data, and payment card information are still the most valuable and sought-after, the research shows.

Victims are still a combination of individuals and businesses or organisations. The results showed individuals are still at 21% of all attacks, versus 22% in fourth quarter 2018.

When it comes to organisations, attackers most often hit government agencies (16%), medical institutions (10%) and industrial companies (10%).

The research also showed a drop in certain attacks. For instance, the number of attacks aimed at covert mining of cryptocurrency has decreased due to it becoming more complex and difficult. In Q1 of 2018, the share of miners rose as high as 23% yet in Q4 2018 it fell to 9% and in first quarter 2019 the share of cryptojacking was only 7%.

Story image
Acronis mobilises the home office in the remote working age
One of the biggest changes for Acronis, like many companies, is the transition that allows all employees to work from home.More
Story image
Guardicore Labs exposes brute force MS-SQL attack campaign
The cyber attack campaign uses password brute force to breach victim machines, deploys multiple backdoors and executes numerous malicious modules, such as multifunctional remote access tools (RATs) and cryptominers. More
Story image
COVID-19: Surfshark joins growing list of companies offering free services
The VPN service has recently announced its intention to offer free six-month subscriptions for small businesses, as more countries tighten quarantine measures and finances become strained.More
Story image
You're virtually invited: How the smartest organisations manage Office 365 and Microsoft Teams
If you’re starting your digital transformation journey or want to find out more about how you can boost your Office 365 productivity, this is your chance to take advantage of expert advice - free.More
Story image
Microsoft Teams announces commitment to privacy in wake of Zoom woes
Microsoft 365 corporate vice president Jared Spataro says the Teams platform already has strong security and privacy policies in place, and committed to upholding them throughout this era of uncertainty.More
Story image
Forcepoint unveils impressive channel recruits across APAC and ANZ
Cybersecurity firm Forcepoint has named four new key appointments to its leadership team as it looks to strengthen its channel, strategy and sales lineup across the Asia Pacific and Australian New Zealand regions.More