Cybercrooks focusing more on credential theft


By Dylan Bushell-Embling
Thursday, 05 October, 2017

Cybercrooks focusing more on credential theft

Cybercriminals are increasingly focused on the theft of log-in details and other credentials, according to WatchGuard’s latest Internet Security Report.

The report found that a popular open source tool used for credential theft — Mimikatz — was used so frequently during the second quarter that it made the top 10 list of malware variants for the first time, accounting for 36% of the top malware.

Likewise, phishing attacks increasingly incorporated malicious JavaScript code in HTML attachments to phishing emails that mimic login pages for popular sites including Google and Microsoft. Attackers also targeted the theft of Linux passwords in Northern Europe.

The quarterly Internet Security Report is based on anonymised Firebox Feed data from around 33,500 WatchGuard UTM appliances.

“The Firebox Feed data from Q2 shows that threat actors are more focused on credential theft than ever before. From JavaScript-enabled phishing attacks and attempts to steal Linux passwords, to brute force attacks against web servers, the common theme here is that login access is a top priority for criminals,” WatchGuard Technologies CTO Corey Nachreiner said.

“Knowing this, businesses must harden exposed servers, seriously consider multifactor authentication, train users to identify phishing attacks and implement advanced threat prevention solutions to protect their valuable data.”

The report also found that nearly half (47%) of the malware detected during the quarter was new or zero day, rendering traditional signature-based antivirus detection powerless to detect them.

In total, more than 16 million malware variants were detected and blocked during the quarter, with an average of 488 samples blocked per installed WatchGuard device.

Image credit: ©stock.adobe.com/au/monsitj

Follow us and share on Twitter and Facebook

Related News

DigiCert acquires Valimail to boost email security

DigiCert has acquired DMARC provider Valimail in a bid to enhance its email authentication...

Akamai adds secure browser to ZTNA portfolio

Akamai has partnered with Seraphic to incorporate secure enterprise browser capabilities into its...

Rubrik announces CrowdStrike Falcon integration

Rubrik has announced the integration of its Rubrik Identity Resilience solution with the...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd