In this edition of the Malwarebytes Cybercrime Tactics and Techniques report for the third quarter of 2017, we saw a number of high profile breaches targeting the personal information of hundreds of millions of people. While the Equifax breach may have dominated the news cycle, notable attacks against the UK National Health Service (NHS), Instagram, Whole Foods, and Sonic were also reported. In addition, we’ve observed shifts in malware distribution, the revival of some old families, and found cases of international tech support scams.
For the full report, click here. For a summary of the report, check out the video and read on below!
Over the last quarter, we have observed several active spam campaigns pushing the Emotet banking Trojan on Windows systems. This malware makes money by intercepting network traffic and stealing bank account details, then selling them on the black market. In addition, Emotet has also been observed utilizing sophisticated evasion techniques to help hide from security software and spread the infection.
In Mac malware news, we have seen continuous growth and several long-term attackers coming back from the dead; families discovered years ago, made a comeback this quarter with new variants.
What this means is that Macs are beginning to attract more persistent adversaries who see the value in infecting Mac users. Apple still has a minority market share in the personal computer world, but they have become increasingly popular and their product’s mythical immunity to malware has been revealed to be just that, a myth.
This quarter in Android malware, users have been targeted by a new ‘clicker’ Trojan we call Trojan.Clicker.HYJ. This malware has the capability to spread to other devices by utilizing the victim’s contact list.
Potentially unwanted programs
The adware industry has gone to great lengths to avoid detection by security products, which leaves your system wide open to infection by malware. The adware SmartScreen comes bundled with other PUP software, and its overall goal is to push advertising to any user who installs it. It also hooks into the operations of Windows, blocking security software from running. In the report, we take a deeper look at this pseudo-malware and what it can do.
Tech support scams
Multi-language tech support scams are on the rise globally, driven by geo-targeted malvertising campaigns. We expect an increase in the next quarter.
Put these on your calendars:
On October 25 at 11:00 am (PST) we’re hosting a webinar taking a deeper look at this quarter’s Cybercrime Tactics and Techniques report. Register here.
We’ll be doing a live webcast on November 2 @ noon (PST) on Facebook and YouTube. The event is going to feature Thomas Reed, our Director of Mac Offerings, and we are going to talk about historical Mac malware as well as what you are likely to encounter today, and how to stay safe from it.
We hope you enjoy the latest Cybercrime Tactics and Techniques report. We’d love to hear your feedback. What do you think about developments in cybersecurity this last quarter? What would you like to learn about next quarter? Thanks for reading and safe surfing!