Malwarebytes reveals APAC countries most targeted by malware

24 Jan 2019

Endpoint protection solutions provider Malwarebytes has today released the third annual State of Malware Report, which analyses top malware threats from January through November 2018 and compares them with the same period in 2017.

The report identifies a sharp increase in business-based malware detections, including massive increases in backdoors, cryptocurrency miners, and the use of exploits against their endpoints. “The year 2018 was action-packed from start to finish,” says Malwarebytes Labs director Adam Kujawa. “It began with threat actors diversifying their cryptomining tactics; broadening their reach to Android, Mac and cryptomining malware; and experimenting with new innovations in browser-based attacks.

“The Asia-Pacific region was highly targeted by bad actors, with five countries among the top 10 countries with most business malware detections globally.”

Key findings for Asia-Pacific include:

1. Businesses took a hit, malware detections increased more than 270%

Malware authors pivoted in the second half of 2018 to target organisations over consumers, recognising that businesses provided a bigger payoff.

Overall business detections of malware rose significantly over the last year—270%—primarily due to the increase in backdoors (5137%), cryptocurrency miners (1184%), and the use of exploits against their endpoints (3690%), suggesting a greater need to patch and secure endpoints.

2. Australia, Indonesia, Malaysia, Thailand and the Philippines all finished in the top 10 countries with most business detections globally.

Five countries in APAC made the top 10 for the most business threat detections per country in 2018, by volume.

This includes Australia, which ranked first, Indonesia, Malaysia, Thailand and the Philippines, which ranked second, fifth, sixth, seventh and tenth on the global rankings respectively.

Indonesia, Malaysia and Thailand have been fending off an influx of backdoor malware in their business networks.

In Australia, the main threat was adware and cryptomining, a big reason to be concerned as many miners and adware families drop additional malware, modify system settings, slow down or use up computing power, or otherwise disrupt operations.

3. Cryptominers were the all-stars of the year

In APAC, Malwarebytes saw a massive wave of cryptocurrency miners.

While cryptomining detections increased only by 7% globally, in Asia-Pacific, Malwarebytes saw a 1184% increase year-over-year.

Threat actors seemingly abandoned all other forms of attack for experimentation in this new technique, spanning from desktop to mobile; Mac, Windows, and Android operating systems; and software and browser-based attacks.

4. WannaCry infections are still spreading in Asia-Pacific

In the APAC region, the biggest ransomware threat is WannaCry infections that are still spreading to unpatched endpoints and laterally moving across networks.

The payload should be neutered, in the sense that the malware can install but won’t encrypt anything.

Overall, while ransomware isn’t the wide-ranging threat it was in 2017, there were more sophisticated attacks aimed at businesses, especially across education, manufacturing and government verticals.

Indeed, the main spike in numbers has been in the realm of the workplace.

5. Globally, education, government, manufacturing and healthcare were the top industries impacted by Trojans.

When we zoom in on the Trojan category to look at its top family – Emotet, the industries shift.

Education, manufacturing and hospitality top the list.

The current trends with Trojans are likely to continue, while there are opportunities for criminals to exploit weak configurations and outdated assets.

However, the greater concern is the copycats and new generations of families that are likely going to dominate 2019 across verticals and around the globe.

Malwarebytes Asia-Pacific area vice president and managing director Jeff Hurmuses says, “We experienced another very active year for malware that shows no signs of stopping.”

“Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with a strong focus on attacking businesses with insecure and unpatched networks.

From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale,” he says.
