
    What We Learned from Malware Attacks in 2018

    By CHRIS PREIMESBERGER - January 24, 2019

      Malware blossomed in several different directions in the past 12 months, and the year ahead looks like it will be a full-fledged follow-on.

      According to security firm Malwarebytes, 2018 came in like a lion and out like—well, a different lion. It’s fair to say that, despite a sleepy second quarter, this past year was action-packed from start to finish.

      “We experienced another very active year for malware that shows no signs of stopping,” CEO Marcin Kleczynski said in a media advisory. “Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with the strong focus on attacking businesses with insecure and unpatched networks.

      “From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale. In the coming year, Malwarebytes is dedicated to providing the cutting-edge protection and remediation tools needed for protecting the world against the most dangerous malware now, and well into the future.” 

      Cryptomining Tactics Are Diversifying

      2018 began with threat actors diversifying their cryptomining tactics, broadening their reach to Android, Mac and cryptomining malware, and experimenting with new innovations in browser-based attacks. While cryptomining died down by the second quarter, a new set of threats was eager to take its place: information stealers. These former banking Trojans—especially Emotet and TrickBot—evolved into droppers with multiple modules for spam production, lateral propagation through networks, data skimmers, and even crypto-wallet stealers.

      Other malware families soon followed in Emotet and TrickBot’s footsteps, redirecting their focus toward organizations whose networks were unpatched and insecure, and they found plenty of targets. From massive data breaches to ransomware attacks that brought critical infrastructure to a halt, businesses finally experienced what consumers have been dealing with for years now, but on a much larger and more dangerous scale.

      As a result, 2018 came to a close with a different set of problems for a different set of users, with the promise that we’re likely to see just as much drama in 2019 as the previous year.

      The 2019 State of Malware Report examines threats by region—North America, Asia Pacific, Latin America, and Europe, the Middle East, and Africa (EMEA)—as well as top industry verticals for the most prolific forms of malware.

      Malwarebytes shared key elements of its research with eWEEK readers for this Data Point article.

      Data Point No. 1: Make way for cryptominers

      Ransomware was dethroned in the first half of 2018 to make way for a massive wave of cryptominers, following a meteoric spike in Bitcoin value at the tail end of 2017. Threat actors seemingly abandoned all other forms of attack for experimentation in this new technique, spanning from desktop to mobile; Mac, Windows, and Android operating systems; and software- and browser-based attacks. Cryptomining detections increased by 7 percent year over year—a small percentage overall, because the second half of the year was slow for this threat.

      Data Point No. 2: The year of the mega breach

      Unlike the ransomware plagues that were indicative of 2017, there were no major global outbreaks in 2018. Instead, it was the year of the mega breach. Major businesses, including Facebook, Marriott, Exactis, MyHeritage and Quora, were penetrated, with hundreds of millions of customers affected. The number of compromised records increased by 133 percent in 2018 over the previous year.

      Data Point No. 3: Ransomware gets tricky

      In 2018, we saw a shift in ransomware attack techniques. Instead of the one-two punch of malvertising exploits which delivered ransomware payloads, threat actors engaged in targeted, manual attacks. The shotgun approach was replaced with brute force, as witnessed in the most successful SamSam campaigns of the year.

      Data Point No. 4: Businesses take a hit

      Malware authors pivoted in the second half of 2018 to target organizations over consumers, recognizing that the bigger payoff was in making victims out of businesses instead of individuals. Overall business detections of malware rose significantly over the last year—79 percent to be exact—primarily due to the increase in backdoors, miners, spyware and information stealers.

      Data Point No. 5: Consumer detections fall by marginal percentage

      Despite the focus on business targets, consumer malware detections only decreased by 3 percent year over year, thanks to increases in backdoors, Trojans and spyware malware categories throughout 2018. While 2017 saw 775,327,346 consumer detections overall, 2018 brought with it about 25 million fewer instances of infection—a healthy decrease in number, percentages aside.

      Data Point No. 6: SMB vulnerabilities spread Trojans like wildfire

      The fallout from the ShadowBrokers’ leak of NSA exploits in 2017 continued, as cybercriminals used SMB vulnerabilities EternalBlue and EternalRomance to spread dangerous and sophisticated Trojans, such as Emotet and TrickBot. In fact, information stealers were the top consumer and business threat in 2018, as well as the top regional threat for North America, Latin America, and Europe, the Middle East and Africa (EMEA).

      Data Point No. 7: Malspam replaces exploits as the favorite attack vector

      The exploit landscape became a bit barren by the end of 2017, with many of the kit creators locked behind bars. As a result, threat actors returned to an old favorite—malspam—which replaced exploits as the major delivery mechanism for threats in 2018.

      Data Point No. 8: Rogue extensions and malicious apps appear in legitimate webstores

      Browser-based security became even more important, as rogue apps and extensions fooled users and app stores alike, worming their way past security reviews in Google Play, iTunes and the official web stores for Chrome, Firefox, Safari and others with sneaky social engineering tactics.

      Data Point No. 9: Attacks on websites steal user data

      The criminal group Magecart was behind a series of high-profile attacks on ecommerce websites, stripping credit card information and other Personally Identifiable Information (PII) from payment platforms in plain text and in real time.

      Data Point No. 10: Sextortion scams

      Finally, major scams for the year capitalized on stale PII from breaches of old. Phishing emails were blasted out to millions of users in extortion (or in some cases, sextortion) attempts, flashing victims’ old, but potentially still viable, passwords and warning them that they’d expose their secrets if they didn’t pay up.
