The threat landscape is changing is always changing, and usually for the worst. The new malware we see being developed and deployed in the wild have new features and techniques that allow them to go beyond what they were originally able to do, either for the focus on additional infection or evasion of detection. Let’s take a look at these undetected malware.
Under the Radar Malware: ‘Invisible’ Infections
Malware authors have been incorporating new infection methods that have resulted in a whole new category of attacks: under the radar malware. This is a difficult-to-remediate group of threats that is growing in sophistication and frequency, a cause for concern for businesses today and in the future, according to a new research report from Malwarebytes.
The under the radar malware harms our laptops silently until it is too late to remediate. We won’t even realize that we are being attacked because this modern malware is designed to avoid detection and maintain persistence.
The Future of Attacks in ASEAN
Analysing the latest data in fileless attack methodology, frequency, remediation resistance and adaptive attacks, we found that Emotet, Sorebrect ransomware, SamSam and TrickBot represent the future of attacks.
For example, when looking at Emotet, a banking trojan malware program that uses the same vulnerabilities that WannaCry and NotPetya exploited, Philippines is the most infected country in APAC, with nearly 60,000 instances detected by Malwarebytes. Sorebrect, a fileless ransomware infection that targets network shares, has been heavily detected in Southeast Asia as well, especially in Indonesia, Thailand and the Philippines.
The region is also seeing more exploit kit activity than any other part of the world right now, since so many users in these countries use outdated operating systems and browsers, that make them easy to attack with old exploits. If Sorebrect is distributed through one of these exploit kits, the victim would likely have no idea they were infected until it was far too late and it would require almost no interaction by the victim, other than visiting a website.
Fighting Cybercrime in 2019
To be able to fight cybercrime in the future, security solutions will need to include modern features that are effective against these new threats:
- Behavioral detection that is dynamic and able to learn from the threats. The future of fighting cybercrime lies in being able to detect threats because they act like threats, not necessarily because you recognize them as such.
- Blocking at Delivery. A powerful ‘bouncer’ that keeps all the endpoints safe.
- Self-Defense Modes. More and more we see attacks that attempt to shut down security tools that may be used to detect and remove whatever additional payload the threat intends to infect the system with.