Webroot’s Nastiest Malware List Highlights Attack Sophistication
Phishing attacks are getting more complex and sophisticated as cybercriminals make use of access to more personal information.
That’s according to Webroot’s third annual Nastiest Malware list, shedding light on 2019’s worst cybersecurity threats. Consumers and businesses alike need to become savvier and take cybersecurity education seriously in order to limit their risk, it said.
Tyler Moffitt, security analyst with Webroot, tells us business email compromise (BEC) has done significant damage, with more than $26 billion made from this scam in the past three years, according to FBI statistics.
“We expect this trend to continue in the coming years as ongoing data exposures provide cybercriminals with more stolen personal information to better tailor their attacks to individual victims,” he said. “The report demonstrates that SMBs continue to struggle with security, hindered by severely limited security budgets and talent. This highlights a huge opportunity for MSPs and MSSPs, who can alleviate the problem by providing more strong, yet affordable security solutions. The report also underlines the prevalence and dexterity of cybercriminals and their use of phishing, highlighting the need for security awareness training programs and phishing simulators, prime solutions for MSPs and MSSPs to offer their customers to see real return.”
Webroot’s 2019 Nastiest Malware includes:
- Ransomware, which continued to see success by evolving a more targeted model initially adopted in previous years.
- Phishing campaigns have become more personalized, and extortion emails claimed to have captured lewd behavior using compromised passwords.
- Botnets remained a dominant force in the infection attack chain and no other type of malware delivered more payloads of ransomware or cryptomining.
- Cryptomining and cryptojacking, as cryptomining is low-risk, guaranteed money, while also less malicious and profitable than ransomware.
Under ransomware, Emotet-Trickbot-Ryuk, the “triple threat,” is one of the most successful chains of 2019 in terms of financial damages. These strains have shifted their focus to more reconnaissance-based operations. They assign a value to the targeted network post-infection and then send the ransom for that amount after moving laterally and deploying the ransomware, according to Webroot.
“It’s been surprising to see the Emotet botnet continue to evolve and wreak havoc in different ways, whether that’s delivering cryptomining payloads or ransomware infections via Trickbot/Ryuk or Dridex/Bitpaymer,” Moffitt said. “After being the most prevalent and persistent botnet last year, Emotet again claimed the title of nastiest this year despite being shut down from June to September.”
Also, GandCrab is one of the most successful instances of ransomware as a service (RaaS) to date, and the authors have boasted shared profits in excess of $2 billion. Sodinokibi-Sodin/REvil arose after the retirement of GandCrab, and it’s not uncommon for successful threat actors who receive a lot of attention to try to start new projects in an attempt to remain successful.
Back for its second year on the list, Crysis/Dharma ransomware was actively distributed in the first half of 2019 and almost all infections observed were distributed through remote desktop protocol (RDP) compromise.
Under phishing, company impersonation continues to be a widespread concern, as 2019 continued to prove that failure to follow best practices – including avoiding reuse and sharing of passwords, and being familiar with the top impersonated brands like Microsoft, Facebook, Apple, Google and PayPal – caused significant damage.
Also, BEC tricked victims into giving up wire transfers, credentials, gift cards and more.
Under botnets, Emotet continued its dominance in 2019. Despite a brief shutdown in June, Emotet resurfaced in September as the largest botnet delivering varying malicious payloads.
Also, Trickbot’s modular infrastructure makes it a serious threat for any network it infects. Its combination with Ryuk ransomware is one of the more …