Woburn, MA – August 16, 2017 – Kaspersky Lab found that exploit packages in-the-wild became the game changer of the cyber threat landscape in Q2 2017. In just three months, Kaspersky Lab products have blocked more than five million attacks that involved exploits from archives leaked on the web. According to the findings of its Q2 Malware report, the growth peaked at the end of the quarter, indicating the unrelenting scale of this cyber threat.
Attacks conducted with the help of exploits are among the most effective as they generally do not require any user interaction, and can deliver their dangerous code without the user suspecting anything. As a result, these tools are widely used, both by cybercriminals seeking to steal money from private users and companies, and in sophisticated targeted attacks hunting for sensitive information.
The second quarter of 2017 experienced a massive wave of these in-the-wild vulnerabilities due to a number of exploits being leaked on the web, which caused a notable change in the cyber threat landscape. The findings show that 82 percent of all attacks within the quarter were detected in just the last 30 days. The major kick-off was the Shadow Brokers’ publication of the “Lost in Translation” archive, which contained a large number of exploits for different versions of Windows. Despite the fact that most of these vulnerabilities were not zero-day vulnerabilities and were patched by the Microsoft security update a month before the leak, the publication led to disastrous consequences.
The damage from malware that used exploits from the archive as well as the number of infected users is overwhelming, with ExPetr and WannaCry pandemics being the most notable examples. Another example is the CVE-2017-0199 vulnerability in Microsoft Office, discovered in early April. Despite the fact that it was patched in the same month, the number of attacked users peaked at 1.5 million.
“The threat landscape of Q2 provides yet another reminder that a lack of vigilance is one of the most significant cyber dangers,” said Alexander Liskin, security expert at Kaspersky Lab. “While vendors patch vulnerabilities on a regular basis, many users don’t pay attention to this, which results in massive-scale attacks once the vulnerabilities are exposed to the broad cybercriminal community.”
Other online threat statistics from the Q2 Malware Report include:
- Kaspersky Lab solutions detected and repelled 342,566,061 malicious attacks from online resources located in 191 countries all over the world in Q2. This is less than in the previous period, where 479,528,279 malicious attacks from online resources located in 190 countries all over the world were detected.
- Attempted infections by malware that aims to steal money via online access to bank accounts were discovered on 224,675 user computers, compared to 288,000 user computers in Q1.
- Crypto-ransomware attacks were blocked on 246,675 unique computers, compared to 240,799 computers in Q1.
- Kaspersky Lab’s antivirus tool detected a total of 185,801,835 unique malicious and potentially unwanted objects in Q2, compared to a total of 174,989,956 unique malicious and potentially unwanted objects in the first quarter.
- On average, 17.26% of Internet-connected computers in the world faced a web attack involving Malware-class malicious objects at least once.
To reduce the risk of infection, Kaspersky Lab advises users to:
- Keep the software installed on your PC up to date, and enable the auto-update feature if it is available.
- Wherever possible, choose a software vendor that demonstrates a responsible approach to a vulnerability problem. Check if the software vendor has its own bug bounty program.
- Use robust security solutions and make sure they keep all software up to date.
- Regularly run a system scan to check for possible infections.
Read the full version of Kaspersky Lab’s Malware Report on Securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20-year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.