Malicious Cryptocurrency Miners Gaining Momentum


WatchGuard’s Q1 2018 Internet Security Report reveals a rise in crypto-miner attacks and geographically targeted malware campaigns

2 July 2018 – WatchGuard® Technologies’ latest Internet Security Report reveals that 98.8 percent of seemingly common Linux/Downloader malware variants in Q1 2018 were actually designed to deliver a popular Linux-based cryptocurrency miner. This is just one of several signs that malicious crypto-mining malware is becoming a top tactic among cyber criminals. The report details delivery mechanisms for these crypto-miner attacks and explores other prevalent security threats targeting small to medium sized businesses (SMBs) and distributed enterprises.

Corey Nachreiner

The findings are based on anonymised threat intelligence from nearly 40,000 active WatchGuard UTM appliances worldwide, which blocked more than 23 million malware variants (628 per device) and over 10 million network attacks (278 per device) in Q1 2018.

“Our Threat Lab team has uncovered multiple indicators that suggest malicious crypto miners are becoming a mainstay in cyber criminals’ arsenals and will continue to grow more dominant,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “While ransomware and other advanced threats are still a major concern, these new crypto-miner attacks illustrate that bad actors are constantly adjusting their tactics to find new ways to take advantage of their victims. Once again, we saw nearly half of all malware slip past basic signature-based antivirus solutions due to various obfuscation methods. One way every organisation can become more secure against these sophisticated, evasive threats is to deploy defences enabled with advanced malware prevention.”

Other key findings in the latest WatchGuard Internet Security Report include:

  • For the first time, APAC reports the highest malware volume. In past reports, APAC has trailed EMEA and AMER in the number of reported malware hits by a wide margin. In Q1 2018, APAC received the most malware overall. The vast majority of these attacks were Windows-based malware, and 98 percent were aimed at India and Singapore.
  • Nearly half of all malware eludes basic antivirus (AV) solutions. WatchGuard UTM appliances block malware using both legacy signature-based detection techniques and a modern, proactive behavioural detection solution – APT Blocker. When APT Blocker catches a malware variant, it means the legacy AV signatures missed it. This zero day malware – a term for malware that is able to evade traditional signature-based AV – accounted for 46 percent of all malware in Q1. This level of zero day malware suggests that criminals are continuing to use obfuscation techniques to beat traditional AV services, emphasising the importance of behaviour-based defences.
  • Mimikatz targets the US and skips Asia Pacific. The Mimikatz Windows credential-stealing malware reappeared on WatchGuard’s top 10 malware list after several quarters of absence. Two thirds of the detections of this malware were in the United States and under 0.1 percent of detections were in APAC, possibly due to the complexity of double-byte characters in countries like Japan that use a symbol-based language for passwords.
  • The Ramnit trojan makes a comeback in Italy. The only malware sample on WatchGuard’s top 10 list that hadn’t appeared in a past report was Ramnit, a trojan that first emerged in 2010 and had a brief resurgence in 2016. Nearly all (98.9 percent) of WatchGuard’s Ramnit detections came from Italy, indicating a targeted attack campaign. Since past versions of Ramnit have targeted banking credentials, WatchGuard advises Italians to take extra precautions with their banking information and enable multi-factor authentication for any financial accounts.

The complete Internet Security Report features a detailed breakdown of the record-breaking GitHub 1.35 Tbps DDoS attack, as well as analysis of the quarter’s top malware and network attacks, and key defence tactics for SMBs.

Don’t miss the new podcast, The 443 – Security Simplified, from the team behind the Internet Security Report and Secplicity.org. Each week, they will analyse the methods and techniques behind the latest hacks, attacks, and breaches. They’ll detail what happened, how the bad guys did it, and provide actionable insights businesses can use to protect themselves.

For more information, download the full report here: https://www.watchguard.com/wgrd-resource-center/security-report-q1-2018. To access live, real-time threat insights by type, region and date, visit WatchGuard’s Threat Landscape data visualization tool. Subscribe to The 443 – Security Simplified podcast at Secplicity.org, or wherever you find your favourite podcasts.


About WatchGuard Technologies
WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, and network intelligence products and services to more than 80,000 customers worldwide. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for distributed enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.

For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org.

Media Contacts:
Chris Warfield, WatchGuard Technologies, + 206.876.8380, chris.warfield@watchguard.com
Peter Rennison or Sam Morgan, PRPR, 01442 245030, pr@prpr.co.uk / sam@prpr.co.uk
