WannaCry is the most common Android ransomware: Bitdefender
GUEST RESEARCH: Bitdefender has released its September 2022 Threat Debrief analysing the most popular malware and cyber attack techniques.
Some of the key findings include:
• Most popular ransomware strains: After analysing the ransomware variants detected in August 2022, Bitdefender found 193 active ransomware families. The most prevalent were:
◦ WannaCry (48% of detections) – this strain made headlines around the world when a campaign using the variant impacted organisations across the globe in 2017. It was particularly infamous due its exploitation of Eternal Blue, an exploit developed by the NSA and stolen by a group called The Shadow Brokers shortly before the attack.
|
◦ GandCrab (16%) – a ransomware-as-a-service strain whose authors infamously claimed to have generated $2 billion in ransom payments before announcing their ‘retirement’ on a cybercrime forum in 2019. Bitdefender released the world’s first decryption tool to help victims reclaim their data for free in February 2018. Despite the author’s apparent retirement, the strain is still popular among attackers.
◦ Cerber (10%) – another ransomware-as-a-service strain where an attacker licenses the malware from the creators and splits the illicit profits with them. This strain uses the double extortion method of both encrypting victim data and exfiltrating it before threatening to release it publicly if demands aren’t met.
• Most popular Android trojans: Bitdefender telemetry throughout August 2022 discovered multiple trojans targeting the Android mobile operating system. The most prevalent strains were:
◦ Downloader.DN (41% of detections) – Repacked applications taken from Google App Store and bundled with aggressive adware. Some adware downloads other malware variants.
◦ SMSSend.AYE (23%) – Malware that tries to register as the default SMS application on the first run by requesting the consent of the user. If successful, it collects the user’s incoming and outgoing messages and forwards them to a command and control (C&C) server.
◦ Agent.AQQ (16%) – A dropper malware that hides a malicious, encrypted payload inside an app. If it is able to avoid the phone’s security, it decrypts and loads the payload.
• Most spoofed domains: The research also uncovered trends in homograph attacks, where attackers abuse international domain names to create websites that have very similar URLs to popular sites. The most commonly encountered websites being spoofed in August were:
◦ blockchain.com (29%)
◦ myetherwallet.com (15%)
◦ facebook.com (14%)
The full research is available here https://businessinsights.bitdefender.com/bitdefender-threat-debrief-september-2022.
GET READY FOR XCONF AUSTRALIA 2022
Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.
In its fifth year, XConf is our annual technology event created by technologists for technologists.
Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.
Explore how at Thoughtworks, we are making tech better, together.
Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.
Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event
PROMOTE YOUR WEBINAR ON ITWIRE
It’s all about Webinars.
Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
MORE INFO HERE!
Comments are closed.