We all know the internet has never been a safe place since the advent of cyber threats – a risk that has constantly been on the rise. But did you know there were close to 152 million ransomware threats and 7.2 billion malware attacks launched in the first three quarters of 2019 alone?
So which types of malware did the most destruction in 2019? What were the biggest and nastiest of the malware threats that businesses encountered this year? In this article, we briefly explore the nature of these malware attacks and how they did what they did.
A Roundup of 2019’s Biggest and Nastiest Malware Attacks
Type 1: Phishing
- Email-based malware campaigns
Email-based malware campaigns have seen unprecedented growth in sophistication this year. Not only has phishing become more personalized, but the nature of extortion emails has also become more severe – some of them claim to their victims that they have captured inappropriate behaviour on camera with the help of compromised devices or passwords. The malware software makes cunning attempts at exploiting the underlying fear response of its gullible victims.
- Business email compromise (BEC)
This type of cyber attack often targets individuals who are involved in buying gift cards or making payments on behalf of their employer or company. The hackers use spoof email accounts trying to impersonate representatives of top global brands or even one of their own colleagues. This way they trick the victims into giving up a lot of sensitive information.
Type 2: Cryptojacking and Cryptomining
- Hidden Bee
This malware virus got big last year by relying heavily upon loopholes of Internet Explorer. However, now it has the capability to deliver payloads inside PNG and JPEG images, apart from steganography, WAV media formats, and flash related exploits. Who said malware removal could fix such serious cyber threats?
One of the biggest crypto-mining worms, it has claimed more than 850,000 victims. Back in August this year, French National Gendarmerie’s Cybercrime Fighting Center (C3N) had to intervene and take control over the malware operation’s central command and control server.
Type 3: Botnets
This one ranks amongst the most prevalent and destructive malware of 2018 and continues to live up to its reputation still in 2019 as the largest botnet till date. Even though it was overpowered in June, Emotet is back for vengeance since September of this year – back to delivering countless malicious payloads to its victims and not willing to stop anytime soon!
What could be more threatening than a botnet operation that has partnered with the infamous banking Trojan groups like Ursif and IcedID? Trickbot takes its strength from its modular infrastructure, which makes it a serious threat for just about any network it can infect. However, all hell breaks loose when it’s combined with Ryuk ransomware, which experts believe is one of the most destructive cyberattacks of 2019.
Dridex initially rose to fame as a serious banking Trojan, back in the day. Its plan of attack has changed more recently: it acts as an implant in the chains infected by Bitpaymer, another ransomware known for its highly targeted attacks. This mode of attack has proved to be shockingly successful and highly destructive in 2019.
Type 4: Ransomware
- Combined attack by Emotet, Trickbot, and Ryuk
Yes, you read that correctly! With one attack leading to the next, this “triple threat” certainly ranks as one of the most terrifying ransomware threats that experts seem to have encountered thus far – the worst in terms of the financial damage it causes to its victims.
Experts are claiming this to be one of the best malware examples for ransomware-as-a-service (RaaS) till date. Experts believe GandCrab may have close links with the REvil/Sondinokibi ransomware, a cyber threat that was identified in April of this year.
- Crysis (aka Dharma)
This nasty ransomware ruled the first half of 2019 and filled the hearts of ethical hackers with terror. It’s notable how almost all Crysis infections were largely distributed due to RDP compromise, among other security loopholes.
Having an active cybersecurity plan and an IT security team has become a necessity for businesses in the digital age – and the best plan of action is to be prepared for the worst. It’s in your organisation’s best interest to let IT security professionals pave the way for future growth and never ignore the kind of risks that nasty malware poses for businesses in 2020 and beyond.
For more updates and news in this regards, do not forget to check this space again soon!