Malwarebytes Report Highlights Including: GandCrab, Samsam & Crypto Mining

Conclusions from the Malwarebytes Cybercrime Q2, 2018 tactics and techniques report include:

GandCrab is new king of ransomware, Cryptominers have hit a plateau, VPNFilter may be a sign of a new genre of sophisticated malware: “Multi-purpose malware,” and adware is still as “prolific” as ever.

This info came from a recent analysis of millions of computers all using the Malwarebytes software. Although ransomware detection has reportedly dropped by 12% this quarter on the consumer end and by 35% on the business end, that certainly does not mean it’s gone away.

GandCrab has largely been the most profuse ransomware, in part down to the product’s use by the Magnitude botnet. There’s a GandCrab decryptor available on NoMoreRansom’s website, however, Malwarebytes cautions that the risk is always there that the newest versions essentially being distributed via a variety of exploit kits actually “have no solution in place.”

New ransomware that was mentioned in the report includes Spartacus, a simple software for which there is no decryptor. However, according to the report, “Spartacus is the kind of software one expects to find offered on a script kiddie forum. There’s no online functionality whatsoever. It seems likely (because the RSA key is embedded in the ransomware), that the private key is held on the author’s server. Decryption for all victims is possible, should this key ever be leaked.”

SamSam is sophisticated. Malwarebytes asserted, “While SamSam has been around for some time, recent evolutions in the attack vector and methodology have proven novel in their approach and successful for the attackers –raking in over $1 million this year.” Unlike lots of other ransomware, SamSam “specifically targets and compromises its victims before encrypting the files.”

Recently, a lot of commentators have asserted that criminals have started shifting their focus less on ransomware and more on crypto mining. Malwarebytes telemetry shows that the growth of crypto mining has now plateaued. It’s on a decline on the consumer end, and next quarter, the firm is expecting it to also decline in the business sector, as well. Suspicion is that criminals aren’t getting the returns they expected they expected for their efforts. However, decline or growth may very well rely on whether crypto coin values rise or fall. Business detections increased by only 5%, yet consumer detections dropped by 36%.

Always seemingly near the top of malware detections lists, Adware detections actually increased by 19% in the consumer area and dropped by 7% on the business end, thus making it the 3rd most prolific threat.

This article makes me think about updating my antivirus software, what about you?

Let us know your thoughts in the comments section.

Related posts

Vulnerabilities In Cinterion Cellular Modems Threatened IoT And Industrial Devices

Google Admits Active Exploitation For Chrome Browser Zero-Day

Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence