Trojans lead siege on businesses for second year running

Malwarebytes's annual report shows that businesses are facing mounting attacks from money-hungry criminals

Trojan virus

Security software firm Malwarebytes has released its annual 'State of Malware 2019' report which analyses the prevalence of different forms of malware and shows how each type is being used to attack businesses and consumers.

Following its quarterly report released in October, Malwarebytes report that for the second year in a row, Trojans are leading the siege on businesses.

In data taken from January to November of every year, the reports showed Trojan detections were up 102% in 2017 and a further 132% in 2018 - a serious and sustained threat to businesses.

Overall, Malware detections rose a further 79% in 2018 with riskware tools (legitimate tools exploited by malicious users), backdoor malware and spyware providing the most increased malware types along with Trojans.

There was also a noticeable shift in the way attackers approached their work towards the latter half of the year. Malwarebytes observed a pivot toward businesses over consumers because they had deeper pockets and more to lose. A targeted attack on businesses would likely yield a greater reward.

This is highlighted by Emotet which is leading the way in terms of Trojan infections. This particular form of malware saw a sharp rise in detections as cyber criminals pivoted towards businesses.

"The current trends with Trojans are likely to continue, while there are opportunities for criminals to exploit weak configurations and outdated assets," the report read. "However, the greater concern is the copycats and new generations of families that are likely going to dominate 2019 across verticals and around the globe."

Emotet is a malware strain which exclusively steals financial information from infected computers; a perfect tool to syphon resources from vulnerable businesses.

Emotet was joined by TrickBot in 2018 as one of the most commonly found malware strains, the pair both harvest data from infected machines. The highly-sensitive data from these campaigns was gleaned from businesses and then sold on the black market for re-targeting in future campaigns.

"Trojans are becoming increasingly popular in business circles as attackers realise how much valuable data is locked away," said Chris Boyd, lead malware intelligence analyst, Malwarebytes. "There's big money to be made in data exfiltration and blackmail, and seeing so many scammers get away with millions from crude business email compromise attacks is probably focusing their attention still further.

"They're replacing the act of endlessly grinding out stolen logins to trade in favour of one huge potential payout from a compromised organisation. All it takes is one network compromise and a few weeks or months of crunching through the network, and they may have their dream haul. Trojans may be old school, but they are absolutely getting the job done"

"We experienced another very active year for malware that shows no signs of stopping," said Marcin Kleczynski, Malwarebytes CEO. "Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with the strong focus on attacking businesses with insecure and unpatched networks.

"From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale," he added. "In the coming year, Malwarebytes is dedicated to providing the cutting-edge protection and remediation tools needed for protecting the world against the most dangerous malware now, and well into the future."

The annual Malwarebytes reports use data gathered from January to November and use honeypots, virtual sandboxes and product telemetry to identify top threats for the year.

The report also examines threats by region, and it comes as no surprise to hear that economic powerhouses US, UK, Germany, France and Australia were just some of the countries that comprised the top 10 most targeted nations.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Recommended

What is DevSecOps and why is it important?
Security

What is DevSecOps and why is it important?

30 Oct 2020
Weekly threat roundup: NHS COVID-19 app, Nvidia, and Oracle
Security

Weekly threat roundup: NHS COVID-19 app, Nvidia, and Oracle

30 Oct 2020
Ryuk behind a third of all ransomware attacks in 2020
Security

Ryuk behind a third of all ransomware attacks in 2020

29 Oct 2020
REvil hacking group says it has made more than $100m in a year
Security

REvil hacking group says it has made more than $100m in a year

29 Oct 2020

Most Popular

Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020
Hackers demand ransom from therapy patients after clinic data breach
Security

Hackers demand ransom from therapy patients after clinic data breach

27 Oct 2020