The Latest Trends in Malware

         As we move further into the 21st century and witness the major advancements in computational power and the sprawl of web-connected devices, malware writers manage to keep up with trends and write malevolent software to match each step forward. Just like the legitimate players in the tech industries, these shadowy figures innovate and find new vectors for infection and better methods to obscure their wares from the average user and professional alike. It is safe to assume that cybercriminals are doing all they can to become more effective and virulent, and as a result the demand for the security industry’s remedies grows as well. Here is a look at some upcoming trends in malware.
         While some malware aims to impose a ransom or to steal data, other strains take a more aggressive approach. These “wiper” strains, such as “Shamoon”, “BlackEnergy”, and “Destover”, have the single purpose of destroying systems and the data they contain. This tends to cause a great deal of financial damage to victims, as well as ruining their reputation in many cases. Whether it is all about sabotage or a means to cover the threat actor’s tracks on the way out of a penetrated system, this is an area to watch.
         “Fileless malware” is able to infect local hosts without leaving behind any artifacts on the hard drive. This makes it difficult for traditional antimalware software to detect, as such software tends to rely on virus and malware signatures to determine infection. These attacks almost doubled in 2018.
         Botnets are distributed infections that use many hosts’ computational power to infect others and perform the desired actions of the attacker, such as crypto-mining or DDoSing targets. So-called “bot-herders” who control these bots have even managed to create “self-organizing” botnet swarms. Due to the promise of automated widespread infection, this is a very enticing method of spreading malware for threat actors everywhere.
         APTs (Advanced Persistent Threats) are typically thought to originate from nation-state actors with a wealth of resources. Due to the sovereignty of nation-states, it is difficult to impossible to do anything with regard to enforcement. They are able to create customized malware of the highest order to carry out their espionage and attacks, and often aim to spy on vast numbers of users and even entire enemy or rival nations. These threats, such as the malware “Sofacy”, will only continue to grow, and have now been observed to evolve their own code.
         Cryptomining, which we have looked at previously, has seen an 83 percent increase in attacks in the last year according to Kaspersky Lab, with over 5 million infections in the first three quarters of 2018. Examples include “MassMiner” and “Kitty”.
         Threat actors have picked up development of card-skimming malware in 2019 according to RiskIQ. This malware steals personal information at POS machines and often involves the physical planting of devices onto things such as ATMs to “skim” credit card details.
         Steganography involves hiding information using methods such as encoding executable information in images, text documents, and other formats that are less traditional. Encoding malware steganographically helps evade recognition by antimalware software. Threat actors will continue to push the limits to hide their toxic software from the user and antimalware alike.
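As a defensive illustration of the paragraph above, the following added example (not part of the original article) walks the chunks of a PNG file and reports anything stored after the final IEND chunk, which is one simple place data can be hidden in an image. It does not detect data embedded in the pixels themselves; the function names and the sample files are constructed for this example.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Magic bytes of common executable/container formats.
MAGICS = {b"MZ": "Windows PE", b"\x7fELF": "ELF", b"PK\x03\x04": "ZIP archive"}

def _chunk(ctype, body):
    """Build one PNG chunk: length, type, body, CRC (used for the samples)."""
    crc = zlib.crc32(ctype + body)
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def scan_png(data):
    """Return a list of findings for the bytes of one PNG file."""
    if not data.startswith(PNG_SIG):
        return ["not a PNG"]
    findings, pos = [], len(PNG_SIG)
    while pos + 12 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        ctype = data[pos + 4:pos + 8]
        end = pos + 12 + length
        if end > len(data):
            return findings + [f"truncated chunk at offset {pos}"]
        body = data[pos + 8:end - 4]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if crc != zlib.crc32(ctype + body):
            findings.append(f"bad CRC in {ctype!r} chunk")
        pos = end
        if ctype == b"IEND":
            break
    else:  # loop ran out of data without ever seeing IEND
        return findings + ["no IEND chunk"]
    trailer = data[pos:]
    if trailer:  # a well-formed PNG ends exactly at IEND
        kind = next((n for m, n in MAGICS.items() if trailer.startswith(m)),
                    "unknown data")
        findings.append(f"{len(trailer)} bytes after IEND ({kind})")
    return findings

# Constructed samples: a 1x1 grayscale PNG, and the same file with 64 extra bytes.
CLEAN = (PNG_SIG + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
         + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))
TAINTED = CLEAN + b"MZ" + b"\x00" * 62

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("tainted", TAINTED)):
        print(name, scan_png(blob) or "no findings")
```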
Security Technology of South Texas
Contact us at
or call 24/7 (210)-446-4863