Trojans lead siege on businesses for second year running
Malwarebytes's annual report shows that businesses are facing mounting attacks from money-hungry criminals
Security software firm Malwarebytes has released its annual 'State of Malware 2019' report which analyses the prevalence of different forms of malware and shows how each type is being used to attack businesses and consumers.
Following its quarterly report released in October, Malwarebytes report that for the second year in a row, Trojans are leading the siege on businesses.
In data taken from January to November of every year, the reports showed Trojan detections were up 102% in 2017 and a further 132% in 2018 - a serious and sustained threat to businesses.
Overall, Malware detections rose a further 79% in 2018 with riskware tools (legitimate tools exploited by malicious users), backdoor malware and spyware providing the most increased malware types along with Trojans.
There was also a noticeable shift in the way attackers approached their work towards the latter half of the year. Malwarebytes observed a pivot toward businesses over consumers because they had deeper pockets and more to lose. A targeted attack on businesses would likely yield a greater reward.
This is highlighted by Emotet which is leading the way in terms of Trojan infections. This particular form of malware saw a sharp rise in detections as cyber criminals pivoted towards businesses.
"The current trends with Trojans are likely to continue, while there are opportunities for criminals to exploit weak configurations and outdated assets," the report read. "However, the greater concern is the copycats and new generations of families that are likely going to dominate 2019 across verticals and around the globe."
Emotet is a malware strain which exclusively steals financial information from infected computers; a perfect tool to syphon resources from vulnerable businesses.
Emotet was joined by TrickBot in 2018 as one of the most commonly found malware strains, the pair both harvest data from infected machines. The highly-sensitive data from these campaigns was gleaned from businesses and then sold on the black market for re-targeting in future campaigns.
"Trojans are becoming increasingly popular in business circles as attackers realise how much valuable data is locked away," said Chris Boyd, lead malware intelligence analyst, Malwarebytes. "There's big money to be made in data exfiltration and blackmail, and seeing so many scammers get away with millions from crude business email compromise attacks is probably focusing their attention still further.
"They're replacing the act of endlessly grinding out stolen logins to trade in favour of one huge potential payout from a compromised organisation. All it takes is one network compromise and a few weeks or months of crunching through the network, and they may have their dream haul. Trojans may be old school, but they are absolutely getting the job done"
"We experienced another very active year for malware that shows no signs of stopping," said Marcin Kleczynski, Malwarebytes CEO. "Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with the strong focus on attacking businesses with insecure and unpatched networks.
"From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale," he added. "In the coming year, Malwarebytes is dedicated to providing the cutting-edge protection and remediation tools needed for protecting the world against the most dangerous malware now, and well into the future."
The annual Malwarebytes reports use data gathered from January to November and use honeypots, virtual sandboxes and product telemetry to identify top threats for the year.
The report also examines threats by region, and it comes as no surprise to hear that economic powerhouses US, UK, Germany, France and Australia were just some of the countries that comprised the top 10 most targeted nations.
The complete guide to changing your phone system provider
Optimise your phone system for better business resultsDownload now
Simplify cluster security at scale
Centralised secrets management across hybrid, multi-cloud environmentsDownload now
The endpoint as a key element of your security infrastructure
Threats to endpoints in a world of remote workingDownload now
2021 state of IT asset management report
The role of IT asset management for maximising technology investmentsDownload now