Sunday 27 September 2020

Eset lists top five malware discovered in 2019

DUBAI, November 4, 2019

Eset is marking this year’s Antimalware Day by taking a look at some of the most pertinent malware discoveries of the year 2019, to emphasize the importance of taking proactive countermeasures against malware.

1.    Machete

Machete is malware that has been used in cyber espionage operations primarily in Venezuela, but also in Ecuador, Colombia, and Nicaragua. The operators use Machete as a tool for spearphishing, predominantly targeting government organizations, such as the military, education, police, and foreign affairs. Once the malware is unleashed via email, it can take screenshots, log keystrokes, access the clipboard, retrieve and encrypt files, and collect the victim’s geolocation.

2.    Android/Filecoder.C

Discovered after a two-year decline in instances of Android ransomware, Android/Filecoder.Cencrypts the files on a mobile device before demanding a payment in Bitcoin for their decryption. Distributed via online forums, these malware files have the capacity to not only encrypt files, but to also send text messages to the victim’s contact list.

3.    Android/FakeApp.KP

This malware is used to phish for login credentials to BtcTurk, a Turkish cryptocurrency exchange. It was the first malware discovered that is able to circumvent restrictions brought in by Google in March 2019, which aimed to strengthen SMS-based two-factor authentication (2FA). Instead of intercepting SMS messages, which became harder for attackers thanks to Google’s new restrictions, this malware reads the notifications that appear on a device’s display in order to obtain the one-time password.

4.    Varenyky

In July, Varenyky launched a sextortion campaign in France, distributed through spam email attachments disguised as bill documents. Once the victim enables macros on the attached document, the computer becomes compromised, and the attacker is able to record the user’s screen. The apparent aim of this malware is to obtain evidence of the victim watching pornographic content, which can then be used for extortion.

5.    KRACK for Echo and Kindle

In January 2019, after more than a year of extensive additional research, Eset reported that many Wi-Fi enabled devices, including Amazon Echo and at least one generation of Amazon Kindle, were still vulnerable to Key Reinstallation Attacks, or KRACK(s), two years after the initial discovery. The vulnerabilities allowed attackers to execute Denial of Service attacks, disrupt network communications, and intercept sensitive information such as passwords. – TradeArabia News Service



More IT & Telecommunications Stories

calendarCalendar of Events