The third quarter of 2017, covered by the Malwarebytes Cybercrime Tactics and Techniques report, saw a number of high-profile breaches targeting the personal information of hundreds of millions of people.
The Equifax breach may have dominated the news cycle, but other notable attacks against the UK National Health Service (NHS), Instagram, Whole Foods, and Sonic were also reported. In addition, Malwarebytes observed shifts in malware distribution and the revival of some old families, and found cases of international tech support scams.
Over the last quarter, we have observed several active spam campaigns pushing the Emotet banking Trojan on Windows systems. This malware makes money by intercepting network traffic and stealing bank account details, then selling them on the black market. Emotet has also been observed using sophisticated evasion techniques to help hide from security software and spread the infection.
In Mac malware news, we have seen continuous growth and several long-term attackers coming back from the dead: families discovered years ago made a comeback this quarter with new variants.
What this means is that Macs are beginning to attract more persistent adversaries who see the value in infecting Mac users. Apple still has a minority market share in the personal computer world, but its products have become increasingly popular, and their mythical immunity to malware has been revealed to be just that, a myth.
This quarter in Android malware, users have been targeted by a new ‘clicker’ Trojan we call Trojan.Clicker.HYJ. This malware has the capability to spread to other devices by utilizing the victim’s contact list.
Potentially unwanted programs
The adware industry has gone to great lengths to avoid detection by security products, which leaves your system wide open to infection by malware.
The adware SmartScreen comes bundled with other PUP software, and its overall goal is to push advertising to any user who installs it. It also hooks into the operations of Windows, blocking security software from running. In the report, we take a deeper look at this pseudo-malware and what it can do.
Tech support scams
Multi-language tech support scams are on the rise globally, driven by geo-targeted malvertising campaigns. Malwarebytes expect an increase in the next quarter.