McAfee researchers; he analyzed the trend of malicious crypto mining software, Windows 10 Cortana vulnerabilities, blockchain attack vectors, mobile billing fraud practices and exploitability features.
McAfee , a cyber security company that offers a wide range of services, from devices to cloud computing , today released the McAfee Labs Threat Report: September 2018. The report examines the trends and trends in new cyber threats in the second quarter of 2018.
McAfee Labs found that crypto mining software, which started to grow in the fourth quarter of 2017, continued to grow during the first half of 2018. McAfee also found that the vulnerabilities used in the 2017 WannaCry and NotPetya attacks continued to be evaluated with new malware versions.
Although it is more rare than ransomware, malicious crypto mining software has quickly become known in the threat field. With about 400,000 increase in the fourth quarter of 2017, examples of new malicious crypto mining software increased by 629% to 2.9 million units in the first quarter of 2018. This trend continued in the second quarter. The total number of samples increased by 86% with more than 2.5 million new samples. McAfee Labs has detected that mining features have been added to legacy malware, such as ransomware.
In some cases, crypto mining has been targeted to target specific groups rather than a broader range of potential victims. A harmful group of crypto mining software targeted players on a Russian forum, appearing as a eden mod ğ claiming to have improved popular games. Players are tricked into downloading malware that uses their computer resources for their own profit.
Although harmful crypto mining software primarily targets computers, there are other devices among victims. For example, Android phones with malware named ADB.Miner in China and Korea were used in Monero crypto currency production for criminals.
Dik A few years ago , we didn’t think that Internet routers, video recorders, and other Internet of Things tools would be used for crypto mining. The processors of these devices were inadequate for this kind of production, sözler said Christiaan Beek, Senior Chief Engineer and Senior Chief Engineer at McAfee Advanced Threat Research. If I were a cyber criminal with 100,000 botnet of this type of IoT devices, I would be able to generate enough crypto money to provide a new and profitable revenue stream.
One year after the WannaCry and NotPetya attacks, the number of new malware samples specifically designed to take advantage of software vulnerabilities increased by 151% in the second quarter. McAfee found that the methods used by these two high-profile threats were used in new malware groups for different purposes. Similarly, new exploits are exploited to reveal completely new threats.
E WannaCry and NotPetya are a powerful example of how cybercriminals can use malicious software to exploit vulnerabilities and quickly spread across networks, amacıyla said Beek. It is surprising to see that many vulnerabilities are used. This situation unfortunately shows that both users and organizations need to do a better job of closing the patches as soon as they come out. birçok
Windows 10 Cortana Vulnerabilities
The research team discovered an open voice in Cortana, Windows 10’s audible assistant. When Microsoft released a patch in June to shut down, it could allow attackers to run code from a lock screen on a completely up-to-date machine (RS3 and RS4 before June patch) using Windows 10. McAfee was merged by Microsoft and focused on three research vectors represented as CVE-2018-8140. McAfee reported this vulnerability to Microsoft in April as part of its responsible disclosure policy.
Billing Scams on Google Play
The research team identified a new billing scam in at least 15 applications on Google Play. This new fraudulent activity shows that cybercriminals continue to find new ways to steal money from victims using applications in legitimate stores such as Google Play. AsiaHitGroup Gang behind fraudulent activities has been actively working since the end of 2016, when they spread Sonvpay.A, a fake installation application that tried to get paid for downloading copies of popular applications from at least 20,000 victims in most of Thailand and Malaysia. then, in November 2017, Sonvpay.B attack on Google Play was detected. Sonvpay.B, determine the country in which the victim is located from the IP address,
Threats to Blockchain Security
The research team identified the biggest security threats to users and those implementing blockchain technologies. Researchers in the analysis of phishing, malware and application deficits were identified as the leading attack vectors.
2018 2nd Quarter Threat Activities
In the second quarter of 2018, McAfee Labs identified five new threats per second. These included new threats to the most recent successful technologies and tactics, using remarkable technical features that further enhance the defense of goals.
The total number of ransomware samples continues to increase. This number grew 57% in the last four quarters. Although families of new ransomware were less likely than the previous quarters, the company said new versions of existing ransomware families were seen. For example, in the second quarter, the company identified a dozen new versions of the Scarab family of ransomware. These new releases account for more than half of the total number of edited versions of the family since it first appeared in mid-2017.
Mobile malware. The number of new mobile malware samples increased by 27% in the second quarter. This was the second quarter of the quarter, with an upturn.
LNK malware. Although PowerShell was effective among malware developers in the past quarters, the growth rate of new samples dropped to 15%. However, new LNK malicious software continues to grow. Cybercriminals have started to use .lnk shortcuts more often to distribute malicious PowerShell command directories and other malicious software. The total number of samples in this category increased by 489% in the last four quarters.
Spam botnets. Gamut’s spam botnet left behind all others in the second quarter. In the phishing attacks for the Canadian Revenue Administration, this botnet was widely used. Recent attacks have been related to counterfeit job offers, which are frequently used for money leasing methods.