As a continuation of our series of the top malware from the Center for Internet Security, we’re breaking down the top five malware of October 2018. By understanding who the malware targets, how it spreads and what you can do to ensure your data is secure and protected, you will be proactive in protecting your data.
Below are the top five malware from October 2018:
What is Cerber?
Cerber encrypts the files of infected users and demands money in exchange for giving access to their files back.
One of the most active malwares around currently: anyone can unleash it, for around 40 percent of the profits.
It works even if you are not connected to the internet, so you can’t stop it by unplugging your PC.
How is it spread?
Email with an infected Microsoft Office document attached.
The malware then encrypts files with algorithms and renames them with a random file extension.
Who does it target?
Anyone and Everyone can be affected!
*except users in certain countries: Armenia, Azerbaijan, Belarus, Georgia, Kyrgyzstan, Kazakhstan, Moldova, Russia, Turkmenistan, Tajikistan, Ukraine or Uzbekistan*
At least for now!
What is NanoCore?
NanoCore is a modular trojan that can be modified to include additional plugins, expanding its functionality and performance based on the user's needs and experience level.
Who does NanoCore Target?
NanoCore's ease of use and ability to customize features makes it a popular option for novices and skilled hackers alike. This makes it a popular malware that is spreading worldwide.
Method of Infection?
It spreads mainly through malicious emails
It can open a backdoor that allows the hacker to access the webcam and microphone, view the desktop, create internet message windows and offers other options.
What is ZeuS?
ZeuS Virus, also known as ZeuS Trojan malware, is a form of malicious software that targets Microsoft Windows.
It uses two main methods of infection:
Who does ZeuS Target?
ZeuS is often used to steal financial data! Banks are being targeted through specific email campaigns especially in Canada and The United States.
However, it is starting to be seen targeting individuals as well as businesses alike!
What is Kovter?
Kovter is a trojan malware aimed at performing ad fraud and is hard to detect and remove, as it uses file-less infection methods.
Method of infection?
Mail attachments as a Macro in a Word document file.
Self-downloading file that is stored in the system to gain persistence.
Who does Kovter Target?
The earliest reports of the malware viewed it as a police ransomware. It would remain in the system waiting for the right opportunity- most often when the user downloaded illegal files.
It has since evolved into click fraud malware, now even a file-less malware in some cases.
What is Emotet?
Emotet is an advanced, modular banking Trojan that primarily functions as a downloader of other banking Trojans.
Method of Infection?
Currently, Emotet uses five known spreader modules:
NetPass.exe, Web Browser Pass View, Mail Pass View, Outlook scraper, and a credential enumerator.
Emotet sends an email containing either a malicious link that leads to a downloader document or that has a malicious document attached.
The anti-analysis module performs multiple checks to make sure it is not being run on a malware research machine, then it loads the main component
Who does Emotet target?
Originally, Emotet spread banking Trojans, and was focused on targeting banking customers in Germany.
However, Swiss banking customers became another target and Emotet evolved into more modular malware.
The new version of Emotet has separate modules for everything from it’s loader to malicious spam.
What makes Emotet SO dangerous?
It can lead to…
Malwares can be serious threats to your future and the future of your business.
So, what can YOU do to protect yourself?
LACyber is a division of Lincoln Archives providing comprehensive Data Breach Defense Services. Lincoln Archives and LACyber are proud to be a part of Lincoln Family of Companies serving the Western New York Community since 1914.