Malware escalation in Q2 2020 : HTTP and Java based script attacks on the rise


While Q2 of this year saw an overall 8% decrease in malware attacks, 70% of them were zero-day attack (attacks occurring after the discovery of a vulnerability and before the release of a patch) - a 12% increase from the previous quarter. After the zero-day attacks, HTTP based attacks marked up to be 34%, and consequently organizations that do not inspect incoming traffic will be blind to one-third of attacks. 

 But, there is some good news- encryption attacks reduced to 64% from Q1. Though it comes with a catch, while encryption threats decreased HTTP attacks made a massive jump even after many organizations equip HTTP inspection in their security intel.

 “Businesses aren’t the only ones that have adjusted operations due to the global COVID-19 pandemic – cybercriminals have too,” said Corey Nachreiner, CTO of WatchGuard, on the report.

 “The rise in sophisticated attacks, despite the fact that overall malware detection declined in Q2 2020, likely due to the shift to remote work, shows that attackers are turning to more evasive tactics that traditional signature-based anti-malware defenses simply can’t catch."

  “Every organization should be prioritizing behavior-based threat detection, cloud-based sand boxing, and a layered set of security services to protect both the core network, as well as the remote workforce.” 

Malware detected in Q2

Java Script-Based Attacks 

 Script attacks like Trojan. Gnaeus and J.S. PopUnder were among the top malware in the last quarter. Both of the access to the user's browser and settings and redirect them. 

 Updating your browser, preventing the browser from loading pages from unknown resources can help combat this malware. 

 Encrypted Excel files 

This malware uses an encrypted Excel file with a default password and once opened- the file automatically runs a VBA script. 

Abracadabra is one such Trojan malware that uses a default password to bypass security as the file is encrypted and later decrypted in Excel. 

 Dos makes a comeback 

 A very old (six years), Dos attacks affecting WordPress and Drupal made in the top 10 malware attack list in Q2. Though these were high in volume, they were concentrated in regions of Germany and Europe.


from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/3mVAoEg

Comments