Botnet Herders Increasingly Prefer Multi-Functional Malware

Kaspersky Lab in its latest report on botnet operations during the period January-June shows how botnet herders now prefer to spread malware which has multiple functions instead of their earlier type of specific malware with a single function.

The multi-functional malware lets the botnet controllers gain complete hold over the contaminated PCs while serves to be increasingly lucrative for those botnet herders when they get increasing scope for filching end-users' sensitive information. For preparing the report, Kaspersky studied over 150 malware groups along with their modifications as they navigated across 60,000 botnets worldwide.

The study showed that the number of multipurpose RATs (remote access trojans) had nearly become twofold on botnets from 2017 start. More specifically, the share increased from 6.5 percent to 12.2 percent. Darkreading.com posted this, August 30, 2018.

Among all of the RATs in discussion, 3 most widespread are Nanocore, DarkComet and Njrat. The total RATs, alternatively backdoors, function as malware tools which the cyber-criminals can relatively reconstruct without difficulty to serve various purposes else make suitable to be distributed within specific regions. The security company found command-and-control servers of Njrat within 99 countries, primarily, since the attackers quite easily utilized the particular RAT for configuring certain backdoor for themselves even if knowledge to develop it was limited. DarkComet and Nanocore were found to have command-and-control infrastructures within more than 80 countries whose reason is same too.

Meanwhile, growth of Trojans wasn't same as that of RATs; however, the number of them identified even then rose from almost 33% during July-December 2017 to slightly greater than 34% during January-June 2018. It's possible to suitably alter and control a Trojan family with several command-and-control infrastructures, each for doing a different task, like theft of sensitive information or cyber-espionage.

As for declines, single-purpose malware strains spread via botnets reduced from July-December 2017. For instance, during July-December 2017, 22% and more of the entire lot of distinct malware strains spread via the botnets that Kaspersky Lab maintained a watch over were bank info-stealing Trojans, whereas during January-June 2018, aggregate banker Trojans declined over 9% accounting for about 13% of all malware strains.

» SPAMfighter News - 9/6/2018