McAfee Labs Reports All-Time Highs for Malware in Latest Count
In the third quarter of 2017, McAfee Labs reports all-time highs of new and total malware. What is causing the increasing numbers of malware that are submitted to us at an average rate of four new malware samples per second?
One major trend that continues in Q3 is the abuse of Microsoft Office–related exploits and of malicious macros that invoke PowerShell to carry out so-called fileless attacks.
In March, an exploit was released that took advantage of CVE-2017-0199, a vulnerability in how Microsoft Office and WordPad handle specially crafted files that could result in remote code execution. During Q3, we saw an increase in the number of crafted files that were submitted. We also noticed that many releases take advantage of a toolkit on GitHub that makes it quite easy to create a “backdoor” attack.
Another major event in Q3 was a massive spam campaign to distribute “Lukitus,” a new version of the infamous Locky ransomware. Within 24 hours, more than 23 million emails were sent. Shortly after the first arrived, security company Comodo Labs discovered another campaign related to this attack that sent more than 62,000 spam emails distributing the ransomware.
With banking Trojans, we observed the greatest activity from the Trickbot Trojan. We saw several variations in which the actors added new features to their code, for example, cryptocurrency stealing, embedding the EternalBlue exploit, and employing different ways of delivering the malware, which primarily targets the financial sector.
Another banking Trojan family that appeared often during the quarter was Emotet. In several spamming campaigns, users were asked to download a Microsoft Word document from several locations. From our analysis of the attached document, we found the payload was hidden in the macros, which used PowerShell to install the Trojan.
These major campaigns and others caused a tsunami of spam email, distributing a tremendous number of samples that increased the malware storage demands of all of us in the security industry.
For more details and our usual statistics on malware, breach incidents, and web and network threats, read the McAfee Labs Threats Report, December 2017.
The post McAfee Labs Reports All-Time Highs for Malware in Latest Count appeared first on McAfee Blogs.