Thursday, March 14, 2019

10 popular malware campaigns your business should avoid


Coinhive is at the top of the global threat index for the 15th consecutive month, according to a Check Point report.
Coinhive leads the global threat index for the 15th month in a row, according to a Check Point report released on Friday. The report outlines the top 10 most popular cryptomining malware campaigns for companies to avoid.
The past couple of years have seen a spike in cryptocurrency mining malware, according to a previous Check Point report. Most mining apps and sites aren't intended to be illegitimate, but they cross over into malware territory when used maliciously. Cryptomining malware infections have become so popular that they replaced ransomware as the top cybersecurity threat in 2018.
While Coinhive reigns as the "most wanted" malware on the list, the cryptominer will actually stop operations in March of 2019. One malware that could possibly take its place is GandCrab, which has risen significantly in popularity over the past couple of months, the report found.
Here are the cryptomining malware programs the report identified as the most dangerous:
  1. Coinhive
  2. Cryptoloot
  3. Emotet
  4. XMRig
  5. Jsecoin
  6. Dorkbot
  7. Nivdort
  8. GandCrab
  9. Authedmine
  10. Ramnit

For advice on how to avoid the top malware threats, check out this article on our blog.

5 ways to avoid top malware threats



Backdoors, cryptomining, fake apps, and banking Trojans increased substantially in the past year, according to McAfee. Here's how to protect your business.

In the past year, business professionals saw a 75% increase in banking Trojans, which allow cybercriminals to obtain financial credentials from mobile devices, according to a McAfee report released on Monday.

The report also detected an increase in backdoors, cryptomining, and fake apps through the latter half of 2018. These findings emphasize the importance of securing mobile devices, as well as their connected environments.

"Most businesses, from Fortune 500s to mom-and-pop shops, will likely deal with a security breach or vulnerability disclosure at some point," Steve Povolny, head of advanced threat research at McAfee, said in a press release. "Those who are proactive and very public in addressing the issue have an opportunity to reinforce consumer trust and confidence."


The big takeaways for tech leaders:

  • Mobile malware increased substantially in 2018, especially through banking Trojans. — McAfee, 2019
  • Employees should avoid installing applications from unknown sources, click with caution, go directly to the source, use mobile security software, and stay aware of threats. — McAfee, 2019
 

To learn more about the ever-evolving malware landscape, check out this article on our blog.


How the malware landscape is evolving


We still have a massive number of hacks and malware coming in through phishing and older "tricks," says Franc Artes, Architect of Security Business at Cisco.

Franc Artes, Architect, Security Business at Cisco, tells TechRepublic's Dan Patterson about the risks businesses and consumers face in the wake of ransomware. The following is an edited transcript of the interview.

Dan Patterson: Are there things that business, or even consumers, can do to fend off these types of secret ransomware attacks?

Franc Artes: A lot of best practices we've personally been giving for years are still some of our best defenses. We see them continuing to be exploited because they aren't being followed.
Those are things like maintaining your cache levels on your applications and your operating system. It is utilizing inbound and outbound firewalls, especially for a consumer, by utilizing a laptop. They don't have a tech department to help them.
It is being aware of what you're doing. When we see that we still have a mass number of hacks and malware delivery coming in through phishing and so forth. We're still seeing old tricks being used, and they're still very successful, which is why the attackers continue to use them. Hopefully getting the awareness on that.

Dan Patterson: Are there any other insights from the most recent Cisco Security report that business and IT decision makers should be aware of? Threats that may be surreptitious or under the radar?

Franc Artes: From the report itself, we actually have a lot of very good information relating to more of the defense and the augmentation that we see corporations using in this particular case. That is a growing reliance and demand for artificial intelligence and machine learning.
Cisco itself has a very large investment, and research, and development into those categories and fields within all of our different verticals from switching and routing all the information into our security products.
We see that benefiting through products like AMP, for example, that utilizes a back-end cloud system. AMP is the Advanced Malware Protection from Cisco. As we see that install base growing, we see, of course, the number of samples growing that come into that cloud. In the last year, we had 10-times the increase in the number of those samples. Consequently, that helped us reduce our time to detect brand new malware to a record set in four point six hours.