sb-as logo
Story image

Cryptolocker malware and ransomware threats on the rise

Cryptolocker malware and ransomware is increasing at a rapid rate, with these threats rising 167% over the previous quarter.

Positive Technologies, the enterprise security systems company, released its CyberThreatscape Q1, which revealed new data around infection via cryptolockers, an increase in the number of unique threats, an increasing number of hybrid Trojans, more attacks focused on data theft, and a decrease in cryptojacking.

Most notably, the data shows the cryptolocker infection rate has increased to 24% from 9% in the last quarter of 2018.

Cryptolocker attacks are commonly combined with phishing, due to the fact that hackers are finding new ways to manipulate targets and gain ransom from them. As these attacks become more sophisticated, victims of cryptolocker attacks also reachers a higher level - for instance state institutions.

Positive Technologies cyber security resilience lead Leigh-Anne Galloway says phishing emails aren’t only used to spread viruses as hackers become smarter and more efficient.

"Phishing emails are still one of the most popular and efficient ways of delivering malicious software. But that's not the only route of malware distribution by far.

“For instance, users download a lot of files from torrent trackers, which increases the risk of malware infection exponentially; also, using files that pretend to be movies, attackers have been able to distribute software for swapping addresses of Bitcoin and Ethereum wallets at the moment when data is inserted from the exchange buffer. These new methods of attack demonstrate how creative and sophisticated attackers are becoming,” Galloway says.

In addition to this, Positive Technologies’ research also showed that the number of unique threats increased by 11% from Q1 of the previous year. Comparatively, the share of targeted attacks dropped to 47% from 53% in the fourth quarter 2018.

Furthermore, since the start of 2019, there have been an increasing number of infections using multifunctional Trojans, or modular malware. These combine the functions of various types of malware for greater success. As an example, the DanaBot Trojan contains components for remote control and functions of a banking Trojan, and can also steal passwords from a number of applications.

The research also looked at what the cybercriminals were seeking first and foremost. The data shows that 54% of attacks are driven to gain information, from personal correspondence to commercial intel. Of the personal information, credentials, personal data, and payment card information are still the most valuable and sought-after, the research shows.

Victims are still a combination of individuals and businesses or organisations. The results showed individuals are still at 21% of all attacks, versus 22% in fourth quarter 2018.

When it comes to organisations, attackers most often hit government agencies (16%), medical institutions (10%) and industrial companies (10%).

The research also showed a drop in certain attacks. For instance, the number of attacks aimed at covert mining of cryptocurrency has decreased due to it becoming more complex and difficult. In Q1 of 2018, the share of miners rose as high as 23% yet in Q4 2018 it fell to 9% and in first quarter 2019 the share of cryptojacking was only 7%.

Download image
Why there's a huge push for NFV in today's enterprises
To help networking and IT professionals better understand the opportunities and challenges associated with deploying NFV technology, new research based on responses from more than 1,300 IT and networking professionals from around the world is now available. More
Story image
42% more plaintext HTTP servers than HTTPS counterparts - report
Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.More
Story image
A third of millennials think they're 'too boring' to be victim of cyber attack
While many millennials are concerned at how their data is being used and whether they are being targeted by cyber-attackers, according to Kaspersky any potential action taken to tighten their online security is at ‘the bottom of their to-do list’.More
Download image
451 Research: The new shape of the enterprise network
In this new world, distance has become the silent digital business killer. Latency looms large, especially for high-performance edge applications, IoT and 5G use cases. More
Story image
Q&A: Barracuda VP on how SD-WAN can aid in public cloud adoption
Techday caught up with Barracuda RVP of public cloud & strategic alliances Chris Hill to discuss why SD-WAN is fast becoming the launch pad into the cloud.More
Story image
AWS launches fully-managed fraud detection service
Businesses lose billions of dollars to online fraud every year, however businesses respond by investing in cumbersome fraud management solutions that often rely on hand-coded rules and are difficult to keep up to date.More