SANTA CLARA, Calif. – January 25, 2018 – Malwarebytes™, the leading advanced malware prevention and remediation solution, today released a security research report analyzing the top malware threats for 2017. The findings, presented in the Malwarebytes Cybercrime Tactics and Techniques: 2017 State of Malware Report, illustrate a significant shift in attack methodology, a distinct evolution in the predominant attack tools and a distinct divergence in the types of attacks against businesses from attacks against consumers. The report illustrates sharp increases in malware-based cybercrime, including ransomware, banking Trojans, spyware, adware, cryptocurrency miners and others were detected across all victims.
Key findings from the 2017 report include:
Ransomware was the tool of choice for cybercriminals in 2017
Ransomware against consumers went up more than 93 percent while ransomware against businesses increased 90 percent.
The monthly rate of ransomware attacks increased up to 10 times the rate of 2016, with September 2017 having the largest volume of ransomware attacks against businesses ever documented.
Between July 2017 and September 2017, there was a 700 percent increase in ransomware, according to Malwarebytes’ telemetry, with two families making up most of that statistic:
GlobeImposter increased 341 percent from July 2017 to August 2017
WannaCry surged 375 percent from August 2017 to September 2017
2017 saw a massive increase in the malicious use of cryptominers
Driven by the cryptocurrency craze, bad actors have started utilizing cryptomining tools for their own profit, using victim’s personal computers in the process. This includes a significant increase of miners through compromised websites, malicious spam, exploit kit drops and adware bundlers.
Malwarebytes blocked an average of 8 million drive-by mining attempts per day in September 2017.
Cybercriminals continue utilizing banking Trojans and hijackers to steal data from businesses
The second half of the year marked an average of 102 percent increase in banking Trojan detections.
Hijackers rose nearly 40 percent year-over-year, moving this threat to the most common threat detected against businesses in 2017.
Consumer threats are on the rise
The overall threat volume against consumers rose 12 percent in 2017.
Worms and ransomware moved into Malwarebytes’ top 10 types of threats to consumers for 2017.
Adware makers dwindle, but volume continues to increase
The volume of adware increased 132 percent year-over-year, making up 40 percent of consumer threat detections (up from less than 20 percent in 2016).
Adware is Malwarebytes second-most detected threat, despite fewer adware families in the mix. Most of the work is being done by a handful of active adware developers for Windows, macOS and Android.
“Ransomware continued to dominate in 2017, with this tool of choice for hackers increasing 90 percent from the previous year,” said Marcin Kleczynski, Malwarebytes CEO. “What cybercriminals could not hold for ransom, they stole from businesses. For example, spyware is up 30 percent and hijackers are up 40 percent. Each year, we spend countless hours providing analysis on the methodologies, tactics and tools being used by cybercriminals to help our customers and partners protect against the most rampant and prolific threats affecting businesses and consumers worldwide.”
To better understand how cybercriminals are evolving their threats and tactics, Malwarebytes researchers analyzed security threat telemetry from January 2016 to November 2017. Data was also obtained from Malwarebytes’ internal honeypots and collection efforts to identify not only infection, but also malware distribution. The report finds significant increases in the volume of threats against both businesses and consumers and details the most interesting and impactful methods of malware creation and distribution in all of 2017.
“The last year has certainly thrown us a few curveballs, with massive ransomware attacks, changes in malware distribution and the significant increase in cryptocurrency miners. With 2018 just getting started, these findings can help pave the wave for increased awareness, C-level participation and enhanced technologies to better protect both consumers and businesses,” said Kleczynski.
No comments:
Post a Comment