Top Findings Include Spike in Banking Trojans; Adware Getting Sneakier and More Damaging; the re-Emergence of Exploit Kits
BE’ER SHEVA, ISRAEL and BOSTON, MA – December 18, 2018 – Morphisec, the worldwide leader in Moving Target Defense for the enterprise and the mid-market, today released the December 2018 edition of the Morphisec Labs’ Threat Report (MLTR). The report analyzes comprehensive threat data collected from approximately 2,000,000 Morphisec protected endpoints globally during the second part of the year, as well as from in-depth investigations conducted by the Morphisec Labs threat research team.
Morphisec research reveals key cyber threat trends, with a specific focus on highly advanced, evasive types of attacks that are able to bypass antivirus and other security tools. It includes technical details on specific attack techniques and tactics used, with a set of comprehensive threat analyses and risk-assessments on five of the most critical threats to enterprise organizations. This expanded edition also takes a look at threats and threat trends specific to the Finance and Banking industry, and how these impact customer outlook and behavior.
Key findings of the December 2018 MLTR include:
- Banking Trojans represented 25% of all attacks, up from 16.7% in Q1.
- Adware and potentially unwanted programs (PUPs) continue to be the largest group of threats prevented by Morphisec, representing 40% of all attacks.
- Coin mining malware remained popular accounting for 30% of attacks.
- Exploit kits, some which hadn't seen updating years, are back in play, incorporating new Flash, VBScript and Acrobat vulnerabilities.
- The top ransomware threat prevented was GandCrab.
- 100% of attacks prevented by Morphisec involved at least one fileless technique, with approximately 15% of attacks never dropping a malicious executable on disk.
“Morphisec Labs performs dynamic threat research for our customers and partners because of the dynamic nature of the way attack campaigns can occur,” said Michael Gorelik, Chief Technology Officer and Head of Threat Research at Morphisec. “Attacks targeting the banking industry, and specifically payment records and credentials, consistently topped Morphisec’s threat list for the second half of 2018. However, the preferred variant of banking trojans shifted as Emotet disappeared from the scene in Q3, giving way to Trickbot attacks. Malicious actors utilizing banking trojans to make a quick financial profit are especially dangerous during Q4 as holiday browsing habits make victims more susceptible to threats.”
Fortunately, the majority of enterprises and consumers are aware of these growingly sophisticated attacks targeting their financial data. Despite the highly publicized cyber threat to the U.S. voting system this year, research commissioned by Morphisec in the second half of 2018 found 80% of the general population is more concerned with their personal financial data being breached by a state-sponsored cyber attack than their voter registration data.
Morphisec Labs is dedicated to fostering strong collaboration, data sharing and offering investigative assistance. The team continuously researches attacks and threats to improve defenses and to share insight with the broader cyber community. Morphisec is also actively working with The Department of Homeland Security (DHS) to develop ways to prevent cyberattacks on America’s financial institutions.
“The landscape of threats continues to iterate based on IT modernization trends, access to systems and, for attackers, how quickly and efficiently they can deconstruct traditional defense techniques and technology,” said Keyur Dessar, CIO– Essar Ports & Shipping and Head Info-Security, Network & Communications, Essar Group in his foreword for the report. “The research out of Morphisec Labs is essential to understanding exactly what some of the key threat trends really are, and it’s important for every security practitioner to explore how dedicated researchers are analyzing threats for the betterment of the market.”