Cryptojacking, Mobile Malware Growing Threats to the Enterprise

At the same time, criminal organizations continue to look for new ways to attack their victims.

If exploits and malware were stocks and bonds, the third quarter of 2018 would have been a bull market.
Thats the broad takeaway from
Fortinets Q3 2018 Global Threat Landscape Report,
which found malware, exploits, and threats all on the increase. From July through September, unique malware variants grew 43%, while the number of malware families grew by nearly 32%.
Despite those numbers, Anthony Giandomenico, senior security strategist/researcher at FortiGuard Labs, says cryptojacking is one of the more serious threats hes seeing. Giandomenico realizes that many researchers view crypto-jacking as more of an annoyance, but he sees two problems with that view.
First, it got into your network. Next, a lot of crypto-jacking malware is bringing down your antimalware software, breaking holes in your firewall, communicating with C&C, and doing other malicious things, he explains.
In addition, malware stuffing will be a bigger problem as time goes on, he says. You see crypto-jacking bundled with ransomware and other malware, Giandomenico says. I think well see this loaded with other malware in the future. The reason for his view is simple: Crypto-jacking may not raise much in the way of revenue, but its free money, adding a little bit to the criminals coffers every day until its discovered.
Another threat with rising impact is mobile malware. A lot of the bad guys realize that the mobile device in users hands is a computer just like the one at home or at work. Users let their guard down, and the bad guys are capitalizing on that, he says. The increase in mobile malware can be seen in obvious ways — for example, of the threats organizations faced from all attack vectors, 14% of total malware alerts were Android-related — and in ways that are more subtle.
Some of the targeted spear-phishing attacks will wait until lunchtime, when the victim will be at lunch, on their mobile phone. Then theyll get the message that looks like its from a trusted source, Giandomenico says, explaining that it can be much more difficult to fully vet an email message on a small mobile screen than on the screen attached to a desktop computer.
One piece of potentially positive news is that the percentage of encrypted network traffic continues to rise, hitting 72% in the third quarter, up from 55% a year earlier. While encryption makes legitimate traffic harder to intercept and steal, it also makes malicious traffic more difficult to analyze and block. Giandomenico says hes not terribly worried about the latter. I think more organizations will leverage analytics and machine learning to detect problems in the traffic without getting inside the traffic itself, he adds.
Related Content
:
8 Threats That Could Sink Your Company
User Behavior Analytics Could Find a Home in the OT World of the IIoT
Most Businesses to Add More Cloud Security Tools
Worst Malware and Threat Actors of 2018

Black Hat Europe returns to London Dec 3-6 2018 with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the
conference
and
to register.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Cryptojacking, Mobile Malware Growing Threats to the Enterprise