November was a good month for ransomware (if you are in the ransomware business!) and a bad month for individuals and small businesses if you are not, according to the latest press release from one of our premier partners, Check Point.
Using data drawn from their ThreatCloud World Cyber Threat Map, November saw a 10% increase in the number of Locky and Cryptowall ransomware attacks. As we have noted elsewhere on this blog, ransomware is more frequently targeting small and medium-sized businesses because, for the same level of effort, cybercriminals are seeing a generally larger payout.
Also of note from the November report was the rise in the Ramnit banking Trojan. For the first time ever Ramnit rose into a top 10 position in the threat index, settling in at the #6 most common malware position.
Here is What the Top 3 Most Distributed Malware List Looked Like in November
1. ↔ Conficker – Worm that allows remote operations and malware download. Infected machines are controlled by a botnet, which contacts its Command & Control server to receive instructions.
2. ↔ Locky – Ransomware that started its distribution in February 2016 and spreads mainly via spam emails containing a downloader disguised as a Word or Zip file attachment, which then downloads and installs the malware that encrypts the user files. Locky was the no. 1 malware family in the largest number of countries (34 countries compared to Conficker, which was the top malware in 28 countries).
3. ↑ Sality – Virus that allows remote operations and downloads of additional malware to infected systems by its operator. Its main goal is to persist in a system and provide means for remote control and installing further malware.
1. ↔ HummingBad – Android malware that establishes a persistent rootkit on the device, installs fraudulent applications and enables additional malicious activity such as installing a key-logger, stealing credentials and bypassing encrypted email containers used by enterprises.
2. ↔ Triada – Modular backdoor for Android which grants super-user privileges to downloaded malware, which helps it to get embedded into system processes. Triada has also been seen spoofing URLs loaded in the browser.
3. ↑ Ztorg – Trojan that uses root privileges to download and install applications on the mobile phone without the user’s knowledge.
Got Security Concerns? Konsultek has the Answers
At Konsultek we eat, breathe and live information security. With the help of our world-class partners such as Check Point, we craft customized security solutions and managed service solutions for organizations of all sizes in all industries. When you are ready to learn more about just how secure your information can be with Konsultek on your side, just pick up the phone and give us a call!