Fifty percent increase in Botnet stolen credentials

Blueliv, a leading enterprise-class cyberthreat intelligence company, has launched its 2018-2019 Annual Cyberthreat Landscape Report providing insights into emerging and evolving cybersecurity trends. The report reveals that botnet stolen credentials increased by a staggering fifty percent in 2017-2018, with technology and telco sectors being the target for over half of those stolen.

The research also revealed that India, Russia, USA, Vietnam and Turkey ranked the highest in the top ten most malware infected users by country, with those from Europe representing twenty percent of the total number. Additionally, Latin America became a new testing ground for cybercrime.

The cybercriminal ecosystem in Latin America has been growing steadily in recent years, due to increased internet penetration, increased digital transformation, high levels of outside investment and weak or non-existent cybercrime legislation. The report observed more than a seventy five percent year on year increase in the number of credentials belonging to Latin American markets in 2018. The second half of 2018 saw an increase of nearly two hundred percent compared to the same period in 2017.

“There's an incredibly dynamic threat landscape in the LATAM region that's largely being ignored. We hope to shine a spotlight on it by sharing information on the types of malicious activity we're observing there. As the tools and techniques criminals use to carry out credential theft evolve, and reuse attacks improve, malicious attackers are finding it easier to achieve their goals, finding new targets and revisiting existing ones,” commented Liv Rowley, Cyberthreat Intelligence Analyst at Blueliv. “By sharing intelligence and collaborating with others in the industry, we are in a much better position to fight the cybercrime onslaught.”

The report also explores changes in the threat landscape over the past year, unearthing trends and how they are expected to impact cybersecurity in 2019. Its key observations on cybercriminal behaviours and attacks include:

· Ransomware campaigns decreased in popularity from 2017, but classic malicious campaigns like malware downloaders and trojans were still a trend in 2018. The significant decline in ransomware incidents is likely due, in part, to the exodus of less advanced threat actors moving away from this once-trendy cybercrime in favour of other types of crime, such as cryptomining, that allow them to monetize quickly with little time and money invested.

· Pony, KeyBase and LokiPWS (also known as Loki Bot) have consistently been the most active stealers. However, current figures show that Emotet4 and AZORult now rank in the top 3 stealer samples detected by Blueliv's labs.

· The ever-evolving Emotet trojan re-emerged in 2018. In November alone, Emotet was dispatching approximately 185,000 spam messages a day, utilising over 50,000 different sender emails. The recipients were largely corporate email addresses, representing 1,200,000 million different mail domains.

· Stabilisation of the cybercriminal underground lowers barriers to entry for hackers and fraudsters. 2018 saw the stabilisation of English-language darknet marketplaces following a prolonged period of volatility. It appears that many of the English-language darknet markets that currently exist, such as DreamMarket, Empire Market, and Wall Street Market, have established their credentials and have begun to win back users. 2019 will likely herald further increased access to malicious products and services for cybercriminals of all stripes.

“Cybercriminals continue to find new ways to combine attack methods or compromise new and existing vectors for maximum results, but there is a real lack of capacity to respond to the increasing number of cyber incidents. Organisations need to adopt a multi-faceted approach to these threats through collaboration, technology, and training which will ultimately help them become better prepared to defend and respond to the changing threat landscape”, Rowley added.
