Encrypted Malicious Content Is Steadily Increasing, Warns Zscaler
Security company Zscaler says malicious content encrypted with SSL/TLS more than doubled in volume between February and July 2017 as cyber-criminals sought to bypass security software. In its new findings, the company says that more than 60 percent of transactions within the Zscaler Cloud are now encrypted using TLS/SSL. The reason is increasingly attributed to hackers who seek to conceal their malicious traffic.
Zscaler further says it blocks an average of 8.4m requests in SSL/TLS traffic and found that 7% (600K) of those contained sophisticated threats.
Deepen Desai, senior director of security research and operations, said that hackers were increasingly using SSL to hide device infections, cover data exfiltration and conceal command-and-control (C&C) messages from botnets. Indeed, Zscaler's research found that TLS/SSL-based phishing attacks delivered daily had risen 400% over 2016, Desai added.
Malicious software increasingly relies on SSL to encrypt communications between its C&C infrastructure and hijacked endpoints, concealing the payloads, instructions and other information being sent. Phishers also use TLS/SSL, attaching their spoofed web pages to sites that use authentic certificates.
Nevertheless, even where hardware is deployed to identify and stop such attacks, SSL inspection is not always possible because of excessive cost or latency. The security sector thus faces a sobering development, with encryption becoming the standard means of transmitting malicious software.
Security researchers from ThreatLabZ also detected new distributions of distinct malicious payloads that hit Zscaler's Cloud Sandbox and used TLS/SSL for their C&C operations.
Of the total payloads, 60% were banking Trojans, including Zbot, Dridex, Trickbot and Vawtrak, while 25% were various ransomware strains. Other, less common payloads consisted of infostealer Trojans and other miscellaneous malware. Scmagazineuk.com posted this online on August 3, 2017.
Notably, Zscaler isn't the only company offering security software against encrypted malware: in June, Cisco disclosed a new network from the firm that uses machine learning to locate malicious content within encrypted data.
» SPAMfighter News - 09-08-2017