Trojans lead siege on businesses for second year running

Malwarebytes's annual report shows that businesses are facing mounting attacks from money-hungry criminals

Toy horse on a digital screen to symbolise the attack of the Trojan virus

Security software firm Malwarebytes has released its annual 'State of Malware 2019' report which analyses the prevalence of different forms of malware and shows how each type is being used to attack businesses and consumers.

Following its quarterly report released in October, Malwarebytes report that for the second year in a row, Trojans are leading the siege on businesses.

In data taken from January to November of every year, the reports showed Trojan detections were up 102% in 2017 and a further 132% in 2018 - a serious and sustained threat to businesses.

Overall, Malware detections rose a further 79% in 2018 with riskware tools (legitimate tools exploited by malicious users), backdoor malware and spyware providing the most increased malware types along with Trojans.

There was also a noticeable shift in the way attackers approached their work towards the latter half of the year. Malwarebytes observed a pivot toward businesses over consumers because they had deeper pockets and more to lose. A targeted attack on businesses would likely yield a greater reward.

This is highlighted by Emotet which is leading the way in terms of Trojan infections. This particular form of malware saw a sharp rise in detections as cyber criminals pivoted towards businesses.

"The current trends with Trojans are likely to continue, while there are opportunities for criminals to exploit weak configurations and outdated assets," the report read. "However, the greater concern is the copycats and new generations of families that are likely going to dominate 2019 across verticals and around the globe."

Emotet is a malware strain which exclusively steals financial information from infected computers; a perfect tool to syphon resources from vulnerable businesses.

Emotet was joined by TrickBot in 2018 as one of the most commonly found malware strains, the pair both harvest data from infected machines. The highly-sensitive data from these campaigns was gleaned from businesses and then sold on the black market for re-targeting in future campaigns.

"Trojans are becoming increasingly popular in business circles as attackers realise how much valuable data is locked away," said Chris Boyd, lead malware intelligence analyst, Malwarebytes. "There's big money to be made in data exfiltration and blackmail, and seeing so many scammers get away with millions from crude business email compromise attacks is probably focusing their attention still further.

"They're replacing the act of endlessly grinding out stolen logins to trade in favour of one huge potential payout from a compromised organisation. All it takes is one network compromise and a few weeks or months of crunching through the network, and they may have their dream haul. Trojans may be old school, but they are absolutely getting the job done"

"We experienced another very active year for malware that shows no signs of stopping," said Marcin Kleczynski, Malwarebytes CEO. "Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with the strong focus on attacking businesses with insecure and unpatched networks.

"From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale," he added. "In the coming year, Malwarebytes is dedicated to providing the cutting-edge protection and remediation tools needed for protecting the world against the most dangerous malware now, and well into the future."

The annual Malwarebytes reports use data gathered from January to November and use honeypots, virtual sandboxes and product telemetry to identify top threats for the year.

The report also examines threats by region, and it comes as no surprise to hear that economic powerhouses US, UK, Germany, France and Australia were just some of the countries that comprised the top 10 most targeted nations.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

How to encrypt files and folders in Windows 10
encryption

How to encrypt files and folders in Windows 10

9 Apr 2021
The definitive guide to IT security
Whitepaper

The definitive guide to IT security

9 Apr 2021
Evidence suggests REvil behind Harris Federation ransomware attack
ransomware

Evidence suggests REvil behind Harris Federation ransomware attack

9 Apr 2021
Fujitsu taps Trend Micro to secure private 5G networks in smart factories
5G

Fujitsu taps Trend Micro to secure private 5G networks in smart factories

8 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021