2019 State of Malware report: Trojans and cryptominers dominate threat landscape

Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1

The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found businesses at the butt end of a bad joke. In just one year, threats aimed at corporate targets have increased by 235 percent, with Trojans, such as Emotet, and ransomware in particular revving up in the first quarter.

Included in the report is analysis of sharp declines in consumer cryptomining and other threats, further cementing the shift away from individual targets and toward businesses, with SMBs in particular suffering because of lack of resources.

“Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40 percent, but that would be short-sighted,” said Adam Kujawa, director of Malwarebytes Labs. “Consumer data is more easily available in bulk from business targets, who saw a staggering 235 percent increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the use of sophisticated Trojans, adware and ransomware.”

In addition to analysis of trending threats, broken down by region and segment (consumer vs. business), this quarter the Labs team added a section on data privacy to the report.

Following its March survey on data privacy, in which respondents overwhelmingly showed concern about protecting their data online, the Labs team highlighted some of its key takeaways and discussed ways in which businesses are failing to shore up that data.

Highlights from the report include:

  • Emotet continues to target enterprises. Detections of Trojans (Emotet’s parent category) on business endpoints increased more than 200 percent since Q4 2018, and almost 650 percent from the same time last year.
  • Ransomware has gained rapid momentum, with an increase of 195 percent in business detections from Q4 2018 to Q1 2019. Compared to the same time last year, business detections of ransomware have seen an uptick of over 500 percent, due in large part to a massive attack by the Troldesh ransomware against US organizations in early Q1.
  • Cryptomining against consumers is essentially extinct. Marked by the popular drive-by mining company CoinHive shutting down operations in March, consumer cryptomining has significantly decreased both from the previous quarter and the previous year.
  • Mobile and Mac devices are increasingly targeted by adware. While Mac malware saw a more than 60 percent increase from Q4 2018 to Q1 2019, adware was particularly pervasive, growing over 200 percent from the previous quarter.
  • The US leads in global threat detections at 47 percent, followed by Indonesia with nine percent and Brazil with eight percent.

To learn more about threats and trends in cybercrime in Q1, download the full report:

Cybercrime Tactics and Techniques Q1 2019

ABOUT THE AUTHOR

Wendy Zamora

Editor-at-Large, Malwarebytes Labs

Wordsmith. Card-carrying journalist. Lover of meatballs.