NSA, FBI and ROK illustrate the DPRK hackers TTP, used to lure the victims and steal sensitive info. Especially with social engineering and spear phishing.
The Banking Trojans dominate the malware landscape for organizations
The landscape of the malware cyber threats in first 3 months of 2018 is changed: ransomware is no more on top, substituted by Banking Trojans and angler phishing is booming
The landscape of the malware threats in the first months of 2018 is dominated by Banking Trojans. It has been reported by the cyber security experts of Proofpoint in the Q1 Threat Report, just published. Compared to 2017 and forecasts, there has been a substantial change. The ransomware, which according to many would have been protagonists, have decreased. Instead, cybercrime has launched campaigns with banking Trojans, information stealers, downloaders, remote access Trojans (RATS) and other malicious tools. Above all related to emails. In fact, social engineering has been pervasive, so much so that fraudulent attacks on e-mail have increased and evolved. Even the “angler phishing”, which exploits social media, has boomed. In the reporting period it increased by 200%, despite the efforts of the platforms to stop its spread through algorithms.
The preferred vector of cybercrime to spread Banking Trojans and aìother malware are the emails
According to the Proofpoint report, bank Trojans for the first time since 2016 have supplanted ramsomware as the most used malware in emails. In fact, they are present in 59% of malicious payloads. Among them the most widespread and distributed is Emotet. For the rest, email in general is targeted by credential stealers (19), downloaders (18) and other cyber threats (5). Moreover, the email has become the first target of cybercrime, especially in relation to organizations. 40% of those targeted by web criminals suffered between 10 and 50 cyber attacks in the first quarter of 2018. In addition, those who suffered more than 50 have increased by 20%, compared to the last reference of 2017.
What is the Angler Phishing on social media and why it’s so dangerous
The angler phishing is the latest cybercrime threat in relation to social media. More and more users contact the profiles of companies on the platforms, as it allows immediate communication. Cyber criminals intercept messages and respond to victims, pretending to be the legitimate interlocutor (using the same logos, characters, etc.). During the conversation they try to bring the targets to a phishing site, where they are invited to login. Thanks to this, they can steal sensitive information, which will then be used for fraud or other cyber crimes.
The integral Q1 Threat report by Proofpoint (file PDF)
Photo Credits: Proofpoint