Top Malware Trends for Q1 of 2017

The first quarter of this year has already flown by, and with it, many events as well: a new president was sworn into office, the biggest comeback in the history of the Super Bowl occurred, and a new champion was declared in the college basketball arena. There was also a lot of activity within the world of cybersecurity, primarily in relation to malware. To summarize this activity, it would be helpful for us to take a look at the top five malware trends.

  1. Star Trek-Themed Ransomware brings us a new ransom payment method — Ransomware variants come in all different shapes and sizes, targeted and specialized to nearly every group of people and every fandom out there, so it is not surprising to see that there is a Star Trek-themed variant trying to dupe Trekkies into coughing up money in order to regain access to their compromised files. Something more shocking than this malware, dubbed ‘Kirk-ransomware,’ is the payment method requested by hackers: Monero. Monero is touted to be even more elusive, secure, and anonymous than the usual cryptocurrency payment method of Bitcoin. Ever since its inception, cybercriminals have been scheming to use this hard-to-track payment method, and this was the first ransomware to do so. It appears as though the first quarter of the year led to some competition for the underground cryptocurrency, Bitcoin.
  2. Small-to-medium sized businesses are highly targeted — Forty-three percent of cyberattacks in 2016 targeted small-to-medium sized businesses, or SMBs, and, of course, this includes malware. A new study by Datto shows that SMB customers are very highly targeted by criminals not only this year, but into the future as well. Unfortunately, many businesses of this size do not have the resources, financially or otherwise, to prepare for potential ransomware or malware threats. Not only did these types of businesses get heavily targeted in 2016, but they have already been the most heavily targeted business demographic outside of hospitals so far this year.
  3. Card skimming made easier by MajikPOS — Quarter 1 of 2017 brought malware to the brick-and-mortar world via MajikPOS, a new type of malware capable of stealing credit card information through a modular attack researchers had never encountered before. It is affecting many businesses across the US and Canada, primarily gas stations, as it is easy for card skimmers to be put on without point-of-sale workers seeing criminals install them. It is believed MajikPOS has been responsible for stealing over 23,000 credit card numbers in the US and Canada, most of which end up being sold on the darknet.
  4. Inadequate anti-virus tools leave us vulnerable — Thankfully, it does seem as though people throughout the general public are taking at least some sort of defense against cyber attacks, and they are doing so through anti-virus software. Unfortunately, nearly one-third of all malware types still sneak into computers because the antivirus fails to detect the threat. It is evident this major problem will need to be solved sooner rather than later, seeing as it affects many more individuals and businesses than some other insecurities, although it is doubtful that this will happen any time soon.
  5. WYSIWYE malware emerges — WYSIWYE, or What You See is What You Encrypt, malware allows cybercriminals to virtually hand-pick their target and release a personalized ransomware strain. Because of its advanced customization features, including self-deletion, stealth mode, and encrypting specific files, this malware type is causing major headaches within the cybersecurity industry and beyond.

Protect yourself and your business by staying informed on the current malware and other cybersecurity-related trends by paying attention to cyber-news as well as keeping up with the Axiom Cyber Solutions blog.

Hailey R. Carlson | Axiom Cyber Solutions | 04/12/2017