TMCnet News
'Locky' Ransomware Shoots Back Up Global Malware Rankings, says Check PointSAN CARLOS, Calif., Oct. 12, 2017 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ:CHKP), a leading provider of cyber-security solutions globally, has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally, according to the company’s latest Global Threat Impact Index. Locky has not appeared in the company’s top ten ‘most wanted’ malware ranking since November 2016, but the ransomware rose sharply to second place in September, powered by the Necurs botnet, which in itself was ranked at number ten in the table. These attacks propelled Locky up 25 places in the index, to sit just behind the RoughTed malvertising campaign. Locky’s distribution began in February 2016, and it rapidly became one of the world’s most prominent malware families. It spreads primarily via spam emails containing a downloader disguised as a Word or Zip attachment which contains malicious macros. When users activate these macros – usually via a social engineering instruction – the attachment downloads and installs the malware that encrypts the user files. A message directs the user to download the Tor browser and visit a webpage demanding a bitcoin payment. In June 2016, the Necurs botnet released an updated version of Locky containing new detection avoidance techniques. The resurgence of Locky shows that businesses can never rest on their laurels as far as malware is concerned. Sophisticated cybercriminals will continually seek ways of tweaking existing tools to make them potent again, while powerful botnets can give old variants a new lease of life, enabling them to rapidly target users around the globe. That more than one in ten organizations around the world seemed to be affected by a single ransomware family in September, underlines how existing malware can be just as dangerous as brand-new variants. September 2017’s Top 3 ‘Most Wanted’ Malware:
HackerDefender, a user-mode Rootkit for Windows, which was the third most prevalent malware in August, dropped out of the top ten altogether. The most popular malware used to attack organizations’ mobile devices was Triada which moved up from third place, followed by Hiddad and Lotoor: Top 3 ‘Most Wanted’ mobile malware:
At Check Point, we believe it is important to deploy a multi-layered cybersecurity strategy that protects against both established malware families as well as brand new, zero-day threats. Effective cyber security tools look for suspicious behaviors or general characteristics, like embedded macros in documents, not just familiar malware signatures – This is the approach taken by SandBlast™ Zero-Day Protection and Mobile Threat Prevention. Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network designed to fight cybercrime, and which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites: It identifies millions of malware types daily. * The complete list of the top 10 malware families in September can be found on the Check Point Research Blog: http://blog.checkpoint.com/2017/10/12/septembers-wanted-malware-locky-shoots-back-global-rankings/ Check Point’s Threat Prevention Resources are available at: http://www.checkpoint.com/threat-prevention-resources/index.html Follow Check Point via: About Check Point Software Technologies Ltd.
|