Malware targeting IoT devices grew 72pc in 2018

Cybersecurity has always been a hot-button issue. 2018 has been no different.

According to a report by McAfee, an average of 480 new threats per minute appeared in Q3 2018 alone, with a whopping 72 percent rise in new malware targeting Internet of Things (IoT) devices.

This is a significant event, as according to a recent report by Grand View Research, the market for IoT is expected to hit US$9.88 billion by 2025.

Moreover, there will be 1.2 billion devices with Artificial Intelligence (AI) elements embedded into them by 2023 as well, according to another report from Deloitte.

Apparently, cybercriminals obtain digital certificates for malicious signed binaries, enabling them to execute attacks in a simple manner.

With an overall rise of 203 percent in the last year, cryptojacking is becoming an increasingly popular method by which hackers penetrate networks these days. In fact, new coin mining malware grew almost 55 percent in the third quarter of 2018.

The report also highlighted the threat of ransomware attacks on businesses. Apparently, “GandCrab”, which was cited as the most active ransomware family, increased its ransom payment from US$1,000 to US$2,400.

These ransomware samples grew ten percent in the third quarter, with at least a 45 percent rise in the past year alone.

For example, “Gamut”, the top spam-producing botnet ranked high on the charts in terms of attacks. It extorts users by threatening to make their browsing history public.

Other botnets that were most feared include “StealRat”” and “Necurs.

On a separate note, banking trojans have been turning into uncommon file types, such as IQY files, and can bypass email protection systems quite easily and effectively.

A rise in macro malware, which usually arrives in a Word or Excel document in a spam email or zipped attachment is also another popular avenue for hackers. Bogus but tempting filenames encourage victims to open the documents, leading to infection if the macros are enabled.

Overall, there was a 64 percent increase in incidents reported in the finance industry and an incredible 150 percent jump in disclosed incidents in the public sector too.

Interestingly, the report also states that underground hacker forums are still commonplace in the dark web marketplace, which is generally accessible via TOR.

These forums focus on leaked user credentials, credit-card stealing malware that target e-commerce sites, Remote Desktop Protocol (RDP) platforms and an extensive range of malware offerings for sale.

Cyber espionage was another facet explored by the report, and the company believes adversary groups sponsored by the Russian government targeted government, laboratory, energy and military sectors in the US as well.