The latest annual State of Malware Report from Malwarebytes shows that ransomware had a bumper year in 2017, though it began to trend downwards towards the end of the year.
Ransomware launched against consumers was up more than 93 percent and ransomware against businesses up 90 percent. As the year end approached though many avenues known for ransomware drops were seen diversifying their payloads with banking Trojans and cryptocurrency miners instead.
The report shows an increase of 40 percent in hijackers and 30 percent in spyware detections in 2017. The second half of the year also marked an average of 102 percent increase in banking Trojan detections.
Attacks against consumers rose 12 percent in 2017 too. Adware is up 132 percent among consumers and now represents almost 40 percent of consumer threat detections (up from less than 20 percent in 2016) and is the second most common threat detected. Worms and ransomware moved into the top 10 list of threats to consumers this year as well.
Adam Kujawa, director of malware intelligence at Malwarebytes believes the easy availability of exploit kits is a factor. "There are so many more resources available for wannabe criminals, people who have no interest in learning the technical side but want to benefit from the attack methods. We've also seen the ransomware as a service model where ransomware is created for customers and those customers then sell it out as affiliates. The creators get a percentage of the ransom and the users get the rest so it keeps everyone in business."
Delivery methods have shifted too. 2017 has shown little development for exploit kits, as no new zero-day exploits were used by any of the remaining exploit kits still in the wild. Instead, intense development of malicious spam detection evasion tactics, as well as the inclusion of multiple exploits for Microsoft Office documents, caused a surge of malware delivery through these vectors.
"On the business side attacks are usually targeted," adds Kujawa. "Criminals are taking time to craft attacks that are more likely to land and succeed. We've seen a move away from exploit kits used in computer versus computer attacks. Advances in security technology mean the ability to directly infect a user's machine without their involvement at all is becoming very limited. We now see more 'hacker versus people' attacks using social engineering to fool you and trick you into doing things. Unfortunately people can’t be patched, as long as they can be gullible we'll always have a cyber crime problem regardless of how effective our hardware and software solutions are."
You can find out more and access the full report on the Malwarebytes blog.