Banking malware grows as cryptominers decline
The latest mid-year Cyber Attack Trends Report from Check Point shows mobile banking malware attacks are up 50 percent compared to the first half of 2018, while the number of organizations hit by cryptominers is down to 26 percent, from 41 percent last year.
Among the top banking malware variants are Ramnit (28 percent), a Trojan that steals banking credentials, FTP passwords, session cookies and personal data; Trickbot (21 percent), which first emerged in October 2016; and Ursnif (10 percent) a Trojan that targets the Windows platform.
Other shifts in the threat landscape include increased focus on supply chain attacks where the threat actor typically installs malicious code into legitimate software, by modifying one of the building blocks the software relies on.
Email scammers have started to employ various evasion techniques designed to bypass security solutions and spam filters, such as encoded emails, images of the message embedded in the email body and complex underlying code which mixes plain text letters with HTML characters. Additional methods that allow scammers to remain under the radar of filters and reaching targets' inbox include social engineering techniques and personalizing email content.
The growing popularity of public cloud environments has led to an increase in cyberattacks targeting the resources and sensitive data residing on these platforms. Inadequate security practices such as misconfiguration and poor management of the cloud resources, remains the most prominent threat to the cloud ecosystem in 2019, subjecting cloud assets to a wide array of attacks.
"Be it cloud, mobile or email, no environment is immune to cyber attacks. In addition, threats such as targeted ransomware attacks, DNS attacks and crytominers continue to be relevant in 2019, and security experts need to stay attuned to the latest threats and attack methods to provide their organizations with the best level of protection," says Maya Horowitz, threat intelligence group manager at Check Point.
The full report is available from the Check Point site.