Cybercrooks focusing more on credential theft

By Dylan Bushell-Embling
Thursday, 05 October, 2017

Adobestock 125097090 carousel

Cybercriminals are increasingly focused on the theft of log-in details and other credentials, according to WatchGuard’s latest Internet Security Report.

The report found that a popular open source tool used for credential theft — Mimikatz — was used so frequently during the second quarter that it made the top 10 list of malware variants for the first time, accounting for 36% of the top malware.

Likewise, phishing attacks increasingly incorporated malicious JavaScript code in HTML attachments to phishing emails that mimic login pages for popular sites including Google and Microsoft. Attackers also targeted the theft of Linux passwords in Northern Europe.

The quarterly Internet Security Report is based on anonymised Firebox Feed data from around 33,500 WatchGuard UTM appliances.

“The Firebox Feed data from Q2 shows that threat actors are more focused on credential theft than ever before. From JavaScript-enabled phishing attacks and attempts to steal Linux passwords, to brute force attacks against web servers, the common theme here is that login access is a top priority for criminals,” WatchGuard Technologies CTO Corey Nachreiner said.

“Knowing this, businesses must harden exposed servers, seriously consider multifactor authentication, train users to identify phishing attacks and implement advanced threat prevention solutions to protect their valuable data.”

The report also found that nearly half (47%) of the malware detected during the quarter was new or zero day, rendering traditional signature-based antivirus detection powerless to detect them.

In total, more than 16 million malware variants were detected and blocked during the quarter, with an average of 488 samples blocked per installed WatchGuard device.

Image credit: ©

Follow us and share on Twitter and Facebook

Related News

Symantec CEO to speak at CeBIT Australia

The opening cybersecurity keynote speaker at CeBIT Australia will be Symantec CEO Greg Clark.

Cybercriminals to ramp up use of known flaws

The 2017 threat landscape was dominated by major attacks exploiting known but unpatched...

Cybersecurity skills shortage to be rectified

A shortage in national cybersecurity skills has led the Victorian Government to push for a...

  • All content Copyright © 2017 Westwick-Farrow Pty Ltd