Online threats for October 2015, botnets and encryption malware still prevalent
Malware and viruses always seem to be in the news, and there isn't an end in sight. The latest threats are mostly platform agnostic, attacking the desktop, email and mobile, as well as the dreaded encryption schemes designed to steal your money. The latter was in the news this week as the FBI claimed it recommends paying the criminals, something security firm Sophos, and just about everyone else, took exception to.
Now Dr. Web is releasing its report for the month of October, and there are few surprises. October was actually a less active month, which is good news, but threats still lurk out there.
The threat of the month, according to Dr. Web, was a website hack that appeared in Google search results. It took users to a site for a popular Russian TV show. It did require certain conditions to operate, but when operating it opened a second browser window that could not be closed and executed a script that reported to the cybercriminals.
"The extension detected by Dr.Web as Trojan.BPLug.1041 serves the purpose of injecting arbitrary content into webpages browsed by the user. Moreover, on all websites, the malicious program blocks third-party advertisements from any domains, except for those listed in the configuration file. If the user logs in to the Odnoklassniki (“Одноклассники”) social networking website", the security researchers report.
The most common malware was Trojan.Siggen6.33552, which is built to install more malicious programs on any computer it infects. This is followed by Trojan.Crossrider.42770.
As for email, users need to watch out for Trojan.Encoder.567. This encrypts files and demands money. Files included are pg, .jpeg, .doc, .docx, .xls, .xlsx, .dbf, .1cd, .psd, .dwg, .xml, .zip, .rar, .db3, .pdf, .rtf, .7z, .kwm, .arj, .xlsm, .key, .cer, .accdb, .odt, .ppt, .mdb, .dt, .gsf, .ppsx, .pptx.
Overall botnet traffic remains steady, but Dr. Web reports that "cybercriminals controlling the Linux.BackDoor.Gates.5 botnet became considerably less active—in comparison with the previous month, the number of attacked IP addresses decreased by 33.29 per cent and was estimated 5,051". The most prevalent attacks took place in China; the US and France weren't far behind.
Finally we come to encryption malware, a sector that has grown more than 12 percent in October, rising to 1,471 requests received for decryption.
In other words, keep a close eye on everything you do online. Safe usage is possible, but it requires user vigilance.