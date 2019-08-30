

Fileless Malware Detections Soar 265% in 2019

Fileless malware, BEC, digital extortion and ransomware attacks all grew significantly between 2018 and the first six months of this year, according to new data from Trend Micro.

The security giant blocked over 26.8 billion threats in the first half of the year, over 90% of which were email-borne, according to its mid-year roundup report, Evasive Threats, Pervasive Effects.

Of these detections, it spotted a massive 265% year-on-year increase in fileless techniques designed to stay hidden from traditional tools, by executing in a system’s memory, residing in the registry, or abusing legitimate tools.

Although cryptocurrency mining was the most detected threat in 1H 2019, the more eye-catching growth in detection went to digital extortion attempts, which jumped 319% from the second half of 2018, and BEC, which increased 52% over the same period.

Ransomware is also back on the rise, with related files, emails and URLs recording a 77% increase on the previous six months.

Although the number of new ransomware families dropped by 55% over the period, there were concerning signs of existing variants containing destructive capabilities beyond file encryption.

Ryuk can prevent infected systems from even rebooting, for example, while LockerGoga also modifies user account passwords. Some, such as BitPaymer, use fileless techniques such as abuse of the common PsExec tool.

One surprise from the report was the re-emergence of exploit kits, which recorded a 136% increase compared to the first half of 2018, although the volume of detections at 321,000 is far below the peak activity observed three or four years ago.

These have also been observed in conjunction with fileless techniques.

“One notable exploit kit from the first half of 2019 was Greenflash Sundown, which was used by the ShadowGate campaign through an upgraded version capable of living off the land, that is, using an updated PowerShell loader to filelessly execute the payload,” the report explained.

The volume of threats blocked by Trend Micro in the first half of 2019 increased by around six billion from the same time last year, which could signal either a ramp-up in cybercrime activity or improved detection.
