Malware Spikes by 35% in Q3

Malware Spikes by 35% in Q3

Malware volumes are going up, up, up—to the tune of 35% more in the wild in Q3 than was seen in Q2.

AppRiver’s Q3 Global Security Report found malware traffic expanded for the fourth straight quarter, with security analysts quarantining 5.7 billion emails containing malware. For comparison, this quarterly total is more than triple the 1.7 billion emails containing malware that analysts observed during all of 2015.

The report also found that the three primary file formats malware has been coming in are JScript (.js), Windows Script Files (.wsf), and macro-enabled documents (.doc and .xls). And, DDoS-sourced malware is on the rise, according to the security research team at AppRiver, with disruptions caused by botnets comprised primarily of IoT devices, like Mirai.

The first attack making headlines, aimed at security blogger Brian Krebs’s website, temporarily shut it down through a massive botnet of more than 150K IoT devices. Soon after, a similar attack reported a 1Tbps attack from hosting company OVH.

“As more IoT devices become connected and unless consumers start taking the time to install these devices more securely, this trend may only get worse in the short term,” said AppRiver manager of security research, Troy Gill.

The quarter also saw the appearance of the Trident malware. In August, after Apple’s security update, a very advanced exploit chain type malware was discovered using multiple zero-day exploits that could essentially jailbreak an iOS9 device. That gave the attacker access to emails, texts, voice calls and more. Apple has patched it, but it could be a sign of more malware being engineered specifically for iOS.

The quarter also showed that ransomware remains extremely popular, and there have been various versions with specific targets seen over the past few months. Locky and Zepto are still some of the reigning champs as far as volume goes, but a few others have been seen lurking online these days, including EduCrypt, IoT Ransomware and MarsJoke.

Spam traffic also remained steady throughout Q3, with AppRiver quarantining 2.34 billion spam messages. PayPal-themed phishing messages especially spiked in the third quarter.

Overall and unsurprisingly, the report found that data breaches remain a major concern for organizations across the globe, such as Yahoo, the hack of DNC emails, stolen NSA hacking tools and even an iCloud account containing private pictures of the royal couple.

Photo © chereeoff

Source: Information Security Magazine