Top 6 Malware Trends In 2019


Malware authors continue to innovate, find new infection vectors and better obfuscate their wares. Heading into 2019, you can bet that cybercriminals will do everything in their power to become even more effective and virulent. Here are 10 top malware trends:

Fileless Malware
Fileless malware infects targeted computers while leaving no artifacts on the local hard drive, which makes it easy to sidestep traditional signature-based security and forensics tools. Typical attacks exploit vulnerabilities in browsers and associated programs (Java, Flash or PDF readers), or arrive via phishing efforts. Fileless malware attacks nearly doubled in the first half of 2018 alone, according to SentinelOne, and are sure to plague 2019 too. The use of fileless malware in attacks continues to grow and now represents 42 out of 1,000 endpoint attacks, according to an analysis of 2018 data by one security firm. The uptick represents a 94 percent increase in the use of fileless-based attacks between January and June 2018.

Wiper Malware
Shamoon, Black Energy, Destover, ExPetr/NotPetya and Olympic Destroyer: All of these wipers, and others like them, have the singular purpose of destroying systems and/or data, usually causing great financial and reputational damage to victim companies. The actors behind this kind of code might be bent on sending a political message, carrying out physical sabotage or simply covering their tracks after data exfiltration. Shamoon 3 recently appeared, so it's likely that wipers will continue to be an area to watch in 2019.

Emotet
Emotet was once a simple banking trojan, but it has now evolved into a full-scale threat-delivery service, with the ability to leverage third-party, open-source code libraries. It recently added a mass email-harvesting module and macro obfuscation, and it continues to be one of the most prevalent malware families out there. Expect it to continue to add new capabilities in the new year.

Botnets
In 2018, botnets evolved to target different types of devices, such as carrier-grade MikroTik hardware. There was also a host of new types of criminal activity, with botherders creating new botnet malware with modular architectures to do everything from DDoSing targets to spreading secondary malware. New types of configurations surfaced, like self-organizing botnet swarms, and there was increased law enforcement interest. All of these trends are expected to continue into 2019.

APT Malware
Nation-state-backed actors continue to operate from the shadows, challenging researchers in attribution and looking to stay as stealthy as possible in order to carry out their espionage efforts. Custom malware is very much a part of the APT scene (although a move to commercial tools has also been spotted), and APTs like Sofacy are actively evolving their code. In 2019, expect APTs to continue to upgrade their bag of tricks to increase the effectiveness of their campaigns.

Ransomware
Attackers behind ransomware incidents are growing smarter and savvier, as we saw in 2018 in the cases of the Atlanta ransomware attack and the Onslow Water and Sewer Authority (OWASA) ransomware attack. Experts say the attackers behind these attacks did their homework by picking a number that they knew the victim could afford to pay, or in the case of the OWASA, a time period (after Hurricane Florence hit) when the water utility was needed.