Evasive malware now used in majority of attacks

By Dylan Bushell-Embling
Thursday, 26 March, 2020

Evasive malware now used in majority of attacks

Evasive malware designed to hide from conventional signature-based antivirus detection has grown to account for more than two-thirds of total malware attacks, according to WatchGuard Technologies.

The network security and intelligence company's Internet Security Report for Q4 2019 found that use of evasive malware spiked significantly during the quarter from the year-long average of 35%.

The company warned that evasive malware is becoming the rule rather than the exception, and urged companies to consider more advanced forms of malware defence than traditional solutions.

Another attack vector that is seeing significant growth in adoption involves SQL injection attacks. Such attacks became the most common network attack of 2019 by a wide margin after surging 8000% since 2018.

Meanwhile, attackers are increasingly using automated malware distribution to cover more targets simultaneously. WatchGuard research found that many attacks are now hitting around 70% to 80% of the Firebox firewall-in-a-box appliances it uses to track attacks in a single country.

During the quarter, the roughly 40,000 appliances used to collate threat intelligence data blocked over 34.5 million malware variants and nearly 1.9 million network attacks.

Also during the quarter, WatchGuard identified widespread phishing campaigns that are still exploiting a Microsoft Excel vulnerability first discovered in 2017. The dropper malware is used to download several other malware variants into an infected PC.

One of the malware samples used in the attack campaign — the Agent Tesla keylogger malware — has also been used in several phishing attacks last month that aimed to manipulate fears around the coronavirus.

Finally, WatchGuard noted that Mac malware, particularly adware, is growing in popularity among attackers. In Q4, one of the top compromised websites hosts a macOS adware called Bundlore that masquerades as an Adobe Flash update.

Image credit: ©stock.adobe.com/au/Lasha Kilasonia

Related Articles

Getting the balance right between business innovation, security and AI

As businesses continue to digitise their operations, traditional security measures may no longer...

If you want to fix cyber, stop trying to fix people

We need to stop trying to fix people and start understanding and supporting them with the right...

Managing through uncertainty requires facing security unknowns head on

Understanding the attack surface in its entirety is not just a tactical advantage; it is a...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd