Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Research: COVID-19 Pandemic Drives Criminal and Political Cyber-Attacks Across Networks, Cloud and Mobile

Cyber-Attack Trends: 2020 Mid-Year Report’ Reveals How Criminals Have Targeted All Sectors With Pandemic-Themed Attacks and Highlights Surge in Nation-State Cyber Activity

Check Point Software Technologies Ltd. a leading provider of cyber-security solutions globally, released its ’Cyber Attack Trends: 2020 Mid-Year Report’, which shows how criminal, political and nation-state threat actors have exploited the COVID-19 pandemic and related themes to target organizations across all sectors, including governments, industry, healthcare, service providers, critical infrastructure and consumers.

Recommended AI News: Ericsson Selected By SoftBank To Deliver Cloud Native Dual-Mode 5G Core

COVID-19 related phishing and malware attacks increased dramatically from under 5,000 thousand per week in February, to over 200,000 per week in late April. Also, in May and June, as countries started to ease lockdowns, threat actors also stepped up their non-COVID-19 related exploits, resulting in a 34% increase in all types of cyber-attacks globally at the end of June compared to March and April.

Key trends revealed in the report include:

  • Cyber warfare escalates: nation-state cyber-attacks surged in intensity and severity in H1 as countries sought to gather intelligence on or disrupt rivals’ handling of the pandemic. This extended to targeting healthcare and humanitarian organizations such as the WHO, which reported a 500% increase in attacks.
  • Double-extortion attacks: In 2020, a new form of ransomware attack has become widely-used in which the attackers exfiltrate large quantities of data prior to encrypting it. Victims who refuse to pay the ransom  are threatened with the data being leaked, putting additional pressure on them to meet the criminals’ demands.
  • Mobile exploits: threat actors have been seeking new mobile infection vectors, improving their techniques to bypass security protections and place malicious apps in official application stores. In another innovative attack, threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than 75% of its managed mobile devices.
  • Cloud exposure:  The rapid move to public clouds during the pandemic has led to an increase in attacks targeting sensitive cloud workloads and data.   Threat actors are also using cloud infrastructure to store the malicious payloads used in their malware attacks.  In January, Check Point researchers found an industry-first critical vulnerability in Microsoft Azure which would have allowed hackers to compromise data and apps of other Azure tenants, showing that public clouds are not inherently secure.

“The global response to the pandemic has transformed and accelerated threat actors’ business-as-usual models of attacks during the first half of this year, exploiting fears around COVID-19 as cover for their activities. We have also seen major new vulnerabilities and attack vectors emerging, which threaten the security of organizations across every sector,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point.  “Security experts need to be aware of these rapidly evolving threats so that they can ensure their organizations have with the best level of protection possible during the rest of 2020.”

Recommended AI News: Delta Presents Via Its Virtual Exhibition Its New Energy-Efficient Solutions For 5G And IoT Peripheral Computing

The most common malware variants during H1 2020 were: 

Related Posts
1 of 40,869
Top malware overall during H1 2020
  1. Emotet (impacting 9% of organizations globally) – Emotet is an advanced, self-propagating and modular Trojan. Emotet was originally a banking Trojan, but recently has been used as a distributer of other malware or malicious campaigns. It uses multiple methods for maintaining persistence and evasion techniques to avoid detection.  In addition, it can also be spread through phishing spam emails containing malicious attachments or links.
  2. XMRig (8%) – XMRig is open-source CPU mining software used to mine the Monero cryptocurrency. Threat actors often abuse this open-source software by integrating it into their malware to conduct illegal mining on victims’ devices.
  3. Agent Tesla (7%) – AgentTesla is an advanced remote access trojan (RAT) which functions as a keylogger and password stealer and has been active since 2014. AgentTesla can monitor and collect the victim’s keyboard input and system clipboard and can record screenshots and exfiltrate credentials for a variety of software installed on a victim’s machine (including Google Chrome, Mozilla Firefox and Microsoft Outlook email client). AgentTesla is sold on various online markets and hacking forums.
 Top cryptominers during H1 2020
  1. XMRig (responsible for 46% of all cryptomining activity globally) – XMRig is open-source CPU mining software used for the mining process of the Monero cryptocurrency, and first seen in-the-wild in May 2017. Threat actors often abuse this open-source software by integrating it into their malware to conduct illegal mining on victims’ devices.
  2. Jsecoin (28%) – Web-based Crypto miner designed to perform unauthorized online mining of Monero cryptocurrency when a user visits a particular web page. The implanted JavaScript uses a large amount of the computational resources of the end-users machines to mine coins, thus impacting the performance of the system. JSEcoin stopped its activity in April 2020.
  3. Wannamine (6%) – WannaMine is a sophisticated Monero crypto-mining worm that spreads the EternalBlue exploit. WannaMine implements a spreading mechanism and persistence techniques by leveraging the Windows Management Instrumentation (WMI) permanent event subscriptions.
 Top mobile malware during H1 2020
  1. xHelper (responsible for 24% of all mobile malware attacks) – xHelper is an Android malware which mainly shows intrusive popup ads and notification spam. It is very hard to remove once installed due to its reinstallation capabilities. First observed in March 2019, xHelper has infected more than 45,000 devices.
  2. PreAMo (19%) – PreAMo is a clicker malware for Android devices, first reported in April 2019. PreAMo generates revenue by mimicking the user and clicking on ads without the user’s knowledge. Discovered on Google Play, the malware was downloaded over 90 million times across six different mobile applications.
  3. Necro (14%) – Necro is an Android Trojan Dropper. It can download other malware, show intrusive ads, and fraudulently charge for paid subscriptions.
Top banking malware during H1 2020
  1. Dridex (responsible for 27% of all banking malware attacks) – Dridex is a Banking Trojan that targets Windows PCs. It is delivered by spam campaigns and Exploit Kits, and relies on WebInjects to intercept and redirect banking credentials to an attacker-controlled server. Dridex contacts a remote server, sends information about the infected system, and can also download and execute additional modules for remote control.
  2. Trickbot (20%) – Trickbot is a modular Banking Trojan that targets the Windows platform, and is mostly delivered via spam campaigns or other malware families such as Emotet.
  3. Ramnit (15%) – Ramnit is a modular banking Trojan first discovered in 2010. Ramnit steals web session information, giving its operators the ability to steal account credentials for all services used by the victim, including bank accounts, and corporate and social networks accounts.

The ’Cyber-Attack Trends: Annual Report 2020 H1’ gives a detailed overview of the cyber-threat landscape. These findings are based on data drawn from Check Point’s ThreatCloud intelligence between January and June 2020, highlighting the key tactics Cyber-Attack are using to attack businesses.

Recommended AI News: Vonage To Safeguard Gaming Firm PUBG Corporation’s Global Gamers

4 Comments
  1. bigbootyporn says

    I don’t even know how I ended up here, but I thought this post was great.

    I do not know who you are but certainly you’re going to
    a famous blogger if you are not already 😉 Cheers!

  2. aescat replica says

    Do you have a spam problem on this site; I also am a blogger,
    and I was wanting to know your situation; many of us have developed some nice procedures and we are looking to swap techniques with other folks, why not shoot me an e-mail if interested.

  3. replica voguellshop says

    whoah this blog is great i really like reading
    your articles. Keep up the good work! You know, a lot of people are searching round for this
    info, you can aid them greatly.

Comments are closed, but trackbacks and pingbacks are open.