Malwarebytes, the leading advanced endpoint protection and remediation solution, announced the results of the Q1 2019 Cybercrime Tactics and Techniques report. The report is a culmination of data based on the Company’s unique threat analysis capabilities. Q1 showed a significant uptick in business ransomware detections (195 percent), along with continued momentum for Trojan variations, up by over 200 percent, and a sharp decline in cryptomining.
Trusted as an authority on malware and threat analysis, Malwarebytes’ latest report shows an increasing trend of cybercriminals targeting businesses, and in particular SMBs, whose limited resources make them prime targets. This shift away from consumer targets demonstrates that cybercriminals are focusing on higher-value targets with heavier stores of consumer data rather than on individuals. This quarter, a new section on data privacy has been added to the report, detailing the habits and sentiments of consumers on their data amidst the evolving threat landscape, as well as businesses’ lax practices for protecting that data.
“Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40 percent, but that would be short-sighted,” said Adam Kujawa, director of Malwarebytes Labs. “Consumer data is more easily available in bulk from business targets, who saw a staggering 235 percent increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the use of sophisticated Trojans, adware, and ransomware.”
Highlights from the report include:
- The US leads in global threat detections at 47 percent, followed by Indonesia with nine percent and Brazil with eight percent.
- Businesses are the prime target. Overall detections of threats to businesses have steadily risen. They increased by about seven percent from the previous quarter, while consumer detections declined by nearly 40 percent. Compared to Q1 2018, business detections have skyrocketed 235 percent.
- Ransomware is back to business. Ransomware has gained rapid momentum among business targets with an increase of 195 percent in detections from Q4 2018 to Q1 2019. Compared to the same time last year, business detections of ransomware have seen an uptick of over 500 percent, due in large part to a massive attack by the Troldesh ransomware against US organizations in early Q1.
- Emotet also continues to target enterprises. Emotet has made a total shift away from consumers, reinforcing the intent of its creators to focus on enterprise targets, except for a few outlier spikes. Detections of Trojans (Emotet’s parent category) on business endpoints increased more than 200 percent since Q4, and almost 650 percent from the same time last year.
- Cryptomining against consumers is essentially extinct. Marked by the popular drive-by mining company CoinHive shutting down operations in March, consumer cryptomining dropped by 79 percent compared to the same time period last year.
- Mobile Mac devices are increasingly targeted by adware. While Mac malware saw a more than 60 percent increase from Q4 2018 to Q1 2019, adware was particularly pervasive, growing over 200 percent from the previous quarter.
- Exploit authors developed some flashy techniques. A new Flash Player zero-day was discovered in Q1 and quickly implemented into popular exploit kits, including Underminer and Fallout EK, as well as a new exploit kit called Spelevo.
The full Cybercrime Tactics and Techniques Report is available here.