Malwarebytes: Banking Trojans could cross trades
Malwarebytes, the leading provider of malware threat prevention and remediation solutions, released its security report analyzing the top malware threats (source: Q3 2018). Currently, banking Trojans outrank all other malware categories as the biggest business threat.
The Malwarebytes Cybercrime Tactics and Techniques Q2 2018 report research, after a slight decrease in overall malware numbers within the second quarter of 2018, now shows a sharp increase in attacks in the third quarter of this year - especially in the enterprise sector.
In the third quarter, banking Trojans outperformed all other malware categories, increasing by a full 84 percent from last quarter. Trojans also ranked first in end-user detections, increasing 27 percent globally from last quarter. RiskwareTool, the name for a cryptomining malware type, dropped from its first place ranking last quarter to fourth place (down 26 percent).
In fact, cryptomining malware types also fell behind on the end user side, slipping to fourth place behind Trojans, adware and backdoors.
Theft and sale of data
As mentioned earlier, there is currently a shift, albeit a slow one, towards more complex and dangerous malware targeting enterprises. This assumption is supported by a 5 percent increase, or 1.7 million more detections, in the third quarter than in the second quarter.
It has been evident all year that end users are no longer the attractive target for cyber criminals that they once were for new types of malware. The last quarter saw only a slight 4 percent increase in consumer detections, as evidenced by the decline of popular malware categories of the past such as adware, backdoors, miners, and ransomware.
However, a 39 percent increase in spyware detections shows a return to stealing and selling data, a common trend in the late 2000s and early 2010s before the flood of ransomware detections.
Core findings of the Cybercrime Tactics and Techniques Report:
- Banking Trojans represent a popular malware type for attackers, as they can be a direct source of financial revenue. 2018 has seen a steady increase in banking Trojan activity, with several new variants entering the market in the third quarter, as well as various developments of other well-known varieties.
- This is mainly due to an active emote campaign that started in August 2018 and shows no signs of stopping at this point. In addition, a number of other generic detections (e.g., Trojan.FakeMS) galvanized the Trojan category. However, it is Emotet that is primarily responsible for a resurgence in the malware category designed to steal financial information.
- Cryptomining continues to be a problem for both businesses and consumers, with the lowest detection rate recorded at just under 2 million, at least on the consumer side.
- However, Malwarebytes statistics show that crypto miners are no longer quantitatively the most common threat. This could also be due to the minimal difference between the price of Bitcoins and the cost of the mining process itself, even though cybercriminals do not intend to use their ownresources for the mining process.
- It seems to be a continuing trend that businesses are the new main target of attacks, rather than the end user. Malwarebytes observed an 88 percent increase in ransomware for its business customers, most of which were affected with GandCrab.
- Since the beginning of last year, consumer-facing ransomware attacks have continued to decline as it becomes increasingly clear to cybercriminals that attacking businesses is more profitable than attacking home users.
Q3 was largely devoid of much ransomware activity, at least compared to what Malwarebytes had detected in previous quarters. Looking at ransomware detection trends over the last year and a half, we see an overall downward trend in ransomware.
You can download the complete report with all datails here download