Most Wanted Malware – Banking Trojans Attack Again

The Trickbot, Ramnit, and Zeus banking trojans - each of them appeared in top 10. All these trojans typically work by finding when victim is going to the website of a bank, and after this use the keylogging or web injects for harvest the basic login information or more critical information like PIN numbers. Besides, trojans might also re-direct the victims to duplicate banking websites that are designed to mimic genuine websites and thus steal credentials through it.

The Global Threat Impact Index of August further revealed that Globeimposter, ransomware disguised as Globe ransomware variant, was 2nd most common malware in the world throughout this month. Even though it was identified in May 2017, this malware didn't start to quickly proliferate till Aug., distributed by the spam campaigns, malvertising as well as exploit kits. On encryption, the Globeimposter appends .crypt extension in each of the encrypted file; and then a payment was asked from the victims in lieu of decrypting the victim's valuable data.

Maya Horowitz, a threat intelligence group manager at Check Point, released a press release stating that the final objective of most of these attackers is just to make money. However, the tools and processes available to them are rising extremely different.

Techrepublic.com posted on September 18th, 2017, quoting a release by Horowitz as saying "In view of both highly effective ransomware version and a series of banking Trojans in the top ten most common malware families actually underlines how stubborn and sophisticated malicious hackers can be in their attempts to extract money."

The report revealed that Roughted remain as top malware in the month of August, though its worldwide impact reduced to less than 12% from 18% of organizations globally. Globalimposter in 2nd place had an impact of 6% globally, whereas HackerDefender in 3rd place had an impact of 4% globally.

It is important for organizations to be careful to these shifting threats, to simultaneously keep their defenses updated against popular malware families, new versions and new zero-day threats. Which attack did not make the list in August, was another interesting point about top threats in August. The HummingBad attack, which was believed to have infected 10 Mn devices at one point of time, did not make the list. This proves further that nature of threat landscape changing fast.

» SPAMfighter News - 9/28/2017