The number of cyber attacks through remote desktop Protocol increased by 140%Ekaterina Aleksandrova | 03.11.2020
The company ESET has released a ranking of the most common threats identified by the experts on information security in the third quarter of 2020 After several months continuous
use themes COVID-19 with malicious purposes, the hackers have returned to a number of their previous tactics.
RDP
As many companies in the world still operate in the home office, remote desktop Protocol (RDP) always becomes the object of interest of cyber criminals. ESET
recorded an increase of a third in the number of attacks on unique users brute-force. While attacks on RDP has become 140% more compared to the previous quarter.
Cryptobinary
After a long decline during the previous months activity of cryptainer began to grow. The increase in identify this kind of malware is associated with an increase in the price of Bitcoin. The cost
cryptocurrency has reached the highest value over the past two years. If in March 2020, the bitcoin exchange rate was $5000, then in September, the bitcoin was already evaluated at $12000.
In addition, experts ESET found the malware to obtain cryptocurrency KryptoCibule. It is complex tactics. In particular, the threat uses the device resources of the victim for extraction
crypto-currencies and is trying to gain unauthorized access to user transactions, replacing the wallet address to the clipboard. Also, the malware steals the files associated with the
cryptocurrency, and uses complex techniques to avoid detection.
Email threats and WannaCry
The total volume of infected emails increased by 9%. The most common, as in the second quarter, remains a threat to Win/Exploit.CVE-2017-11882 — malicious document, which
exploits a vulnerability in Microsoft Office to download more dangerous programs on the computer. More than 70% of malicious attachments were executable files. More than 15% the script file, and
Office documents. Executable files in attachments are often disguised by using double extensions. So the attackers forced the recipients to open the attachment, using the fact that the expansion for
known file types are hidden by default in Windows.
The most popular types of malicious e-mail attachments
Total identified spam increased by 4% compared to the previous quarter. In the third quarter of attackers are still abused topic of coronavirus for profit. Using
the financial difficulties that many faced, the cyber fraudsters were impersonating a legitimate organization and trying to manipulate the victims to obtain their confidential information. Among
others, through such distribution extended version of the infamous malware WannaCry.
ESET telemetry data indicate that during the summer and early fall attacks ransomware has become less, but more than half of all identified specimens in this category of viruses had to
Win/Filecoder.WannaCryptor.
Ranking the identified samples of ransomware
Security home Internet devices
In the third quarter of ESET experts discovered an extended version Kr00k. The vulnerability allowed to intercept and decrypt traffic Wi-Fi.
The main problem with security routers the default password to log into the admin interface. The most popular combinations among the studied devices was “admin”, “root”, “1234” and
“12345”.
Threats for macOS
There is a tendency to decrease in the volume of malware for macOS. In General, the number of identified specimens decreased by 21% compared to the second quarter.
The large fluctuation in activity was unwanted applications, but without significant growth. For all other categories, such as adware, Trojans, and potentially dangerous
program, the number of identified specimens remained stable.
Threats for macOS in the II and III quarters of the year 2020
Threats to Android
The total volume of identified threats to Android devices declined by 19%. Most malware activity was recorded in July 2020. This surge is associated with the activation of malicious
programs that after installation, hiding its icon and show Intrusive ads.
Banking malware
In the third quarter of the activity of banking malware continued to decline. The most common threat since the beginning of the year is Trojan JS/Spy.Banker. Hackers use it to steal financial
and other private information.
Spyware and backdoors
The detection rate spyware and backdoors in the third quarter of 2020 decreased slightly compared to the previous quarter.
The largest increase in distribution was observed in spyware Win/Spy.Socelars. It steals the saved passwords in browsers, as well as banking details from the compromised account
records.
Web threats
ESET experts fixed the General decrease in the activity of major web threats at 16%. This decline has affected almost all categories including spam, phishing and distributing malware.
cyber security, cyber Threats
Eset