IBS Journal March 2018

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

NEWS

IBS Journal March 2018

15

Crypto mining malware on the rise as security threats, blockchain and IoT attack next targets

I

n the past six months, we have seen a series of breaches and other security events that have taken the industry by storm. If you’re interested in security breaches, you can have a look at

the recent infographic we published on the top ten worst data hacks of all time (https://ibsintelligence.com/ibs-journal/ibs-news/top- ten-worst-data-hacks-time).

In Check Point’s H2 2017 Global Threat Intelligence Trends Report, you can have an extended view of the second half of 2017 in terms of security. The report analyses data from 250 million addresses analysed for bot discovery, 11 million malware signatures, and 5.5 million infected websites to highlight the most compromising and/or prevalent threats.

In September we saw Equifax data getting compromised, mostly social security numbers and other personal information belonging to 143 million US consumers. A couple of months after that, the malware Bad Rabbit infected institutions in Russia and Ukraine. And lastly, Check Point listed a cryptocurrency miner in the top of its monthly Global Threat Index at the end of the year.

One of the most remarkable points in the report is the rise in ubiquity of cryptocurrency miners, and how they have become a threat themselves.

“The second half of 2017 has seen crypto-miners take the world by storm to become a favourite monetising attack vector,” commented Maya Horowitz, threat intelligence group manager at Check Point. “While this is not an entirely new malware type, the increasing popularity and value of cryptocurrency has led to a significant increase in the distribution of crypto-mining malware.”

Many cryptocurrency miners were using other people’s computer power through website infections to mine Bitcoin. However, the number of exploit kits decreased as a result of new security mechanisms introduced by web browsers and the increasing difficulty of discovering zero-day vulnerabilities before they are sold on the dark web. Spam operations and malspam also went down.

Malware, by categories

During the second half of 2017, there has been a range of new malware families that have emerged recycling successful code

from other malware. For example, Internet of Things (IoT) botnets IoTroop and Satori took code from Mirai. Overall, the largest malware family is Roughted, with 15.3% of all reported malware belonging to this category. It peaked during May and June, but the threat fell considerably within a month.

However, it is still prevalent. CoinHive, a crypto-miner malware; and Locky, a crypto-ransomware, are the two other big families accounting for about 8% each.

When it comes to ransomware, Locky accounts for almost a third of all breaches, but Globeimposter and WannaCry follow closely, with over a quarter and nearly a six of the total, respectively. Trojan Ramnit tops the list of banking malware, with 34% of the total. This malware steals banking credentials, FTP passwords, session cookies and personal data. Zeus (22%) and Tinba (16%) are the other candidates in the top three.

When it comes to mobile malware, Hidad is king, with more than half of infections attributed to this malware family targeting Android. Triada and Lotoor are some of the other Android malware that lurk about in abundance.

And lastly, crypto-mining malware. Coinhave, the Monero miner, makes up more than half of the infections,

with Cryptoloot and Coinnebula following far behind. What’s to come

Check Point believes that blockchain attacks will evolve in the upcoming year, and so will virtual wallet and credential theft. The same goes for cryptocurrency – now that it has become a mainstream trend, it is likely that new targets and new methods will be developed. With these attacks, there will be a rise in banking Trojans, and mobile botnets designed to mine cryptos illicitly. Check Point also predicts that IoT attacks will become more and more sophisticated. The research company also anticipates that the security industry will see more cross-platform malware attacks.

www.ibsintelligence.com

tigerlily713 / pixabay

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32 | Page 33 | Page 34 | Page 35 | Page 36 | Page 37 | Page 38 | Page 39 | Page 40 | Page 41 | Page 42 | Page 43 | Page 44 | Page 45 | Page 46 | Page 47 | Page 48 | Page 49 | Page 50 | Page 51 | Page 52