CYBER NEWS

Q1 2018 Malware Relatório: Ransomware Dethroned por Cryptominers

O primeiro trimestre de 2018 já passou, e pesquisadores de segurança foram capazes de tirar algumas conclusões importantes. Parece que durante os primeiros três meses deste ano, ransomware foi finalmente destronado. The new most prevalent cybersecurity threat is now cryptomining, to no one’s surprise, realmente. The statistics come from Comodo’s Global Malware Report Q1 2018.

Story relacionado: Malware Trends 2018: Como é a ameaça Paisagem Shaping?

Ransomware No Longer Number 1 Threat

Ransomware has long been the most widespread infection attacking users worldwide and compromising their private data. Agora, cryptominers have become the most prevailing infection. Contudo, it is not Bitcoin that is in the spotlight of malicious crypto mining but Monero, researchers found.

pesquisadores from Comodo have been following cryptominers, and concluded that the biggest increase in these infections started in 2017 shortly after Bitcoin’s price skyrocketed to $20,000. The infection tendency continued with the beginning of 2018 when the market cap of cryptocurrencies reached $264 bilhão. This is the milestone that shifted the attention of cybercriminals from ransomware to cryptomining.

During Q1 2018, Comodo Cybersecurity detected 28.9 million cryptominer incidents out of a total of 300 million malware incidents, amounting to a 10% compartilhar. The number of unique cryptominer variants grew from 93,750 in January to 127,000 em março. Ao mesmo tempo, the data shows this criminal attention came at the expense of ransomware activity, with new variants falling from 124,320 in January to 71,540 em março, uma 42% decrease.

Mais especificamente, Monero miners have become attackers’ favorite tools. And that’s not surprising at all – cybercriminals have been choosing Monero over Bitcoin for several reasons.

Story relacionado: Por que os cibercriminosos estão Ditching Bitcoin para Altcoins

Desde o início da 2017 Monero has been growing steadily. moeda (XMR) is perhaps the most untraceable cryptocurrency, and it has been developed with privacy in mind. It is open-source and freely available to all. With Monero, you are your own bank. According to Monero’s official website, only you control and are responsible for your funds, and your accounts and transactions are kept private from prying eyes.

Monero was launched in 2014, and it offers enhanced privacy features. It is a fork of the Bytecoin codebase which uses identity-obscuring ring sugnatures. This is how the cryptocurrency conceals which funds have been sent in both directions – to whom and by whom.

Monero’s privacy-centered features ideally serve cybercriminals’ purposes, as it hides their transactions, cannot be tracked or blacklisted. Monero also creates blocks every two minutes which gives criminals more opportunities for attacks. Monero is also perfect for mining on average user machines.

Como um resultado, numerous Monero miners have been detected in the wild exploiting the resources of users’ computers worldwide. Aqui estão vários exemplos:

Other Malware Trends from Q1 of 2018

Senha, Data Stealers

Besides cryptominers, password stealers have become more sophisticated than before. Comodo researchers observed the trend of credentials stealers being added to malware. This means that criminals are very interested in collecting passwords and login details. The team analyzed new variants of the well-known Pony Stealer malware which has demonstrated new capabilities in stealing data, and had become stealthier than before.

Ransomware Resurgence

Even though ransomware is not the most widespread threat right now it doesn’t mean that ransomware operators will leave things at that.

Ransomware attacks led the malware market in previous quarters, but showed a radical decrease in the number of overall detections, likely due to the shift to the low-hanging fruit of cryptominers, researchers said in their report. The number of ransomware infections dropped from 42% em agosto 2017 to just 9% em fevereiro 2018. Não obstante, Comodo says that both users and security experts should prepare for new ransomware attacks, where the focus may be data destruction like in the NotPetya case.

Story relacionado: Austrália para informar partidos políticos sobre as ameaças cibernéticas

Geopolitical Attacks

Geopolitical malware detections correlate with current events around the world, the report found out. In Q1 2018, there were potential geopolitical correlations related to national elections in China and Russia. Comody says that there were correlations in Egypt, Índia, Eu corri, Israel, Turkey and Ukraine relative to military operations, along with other trends across Europe, Asia and Africa.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...