We already know the security industry witnessed several significant ransomware attacks in 2017. Some of these campaigns derived at least part of their success from recent developments among malware families more generally. These trends will no doubt continue to shape bad actors’ offensives and how defenders can hope to protect against them in 2018.
Digital security startup Minerva Labs has identified three trends in particular that emerged in 2017 and that will likely influence malware attacks into the coming year. These are as follows:
To rectify that issue, Minerva Labs decided to examine the extent to which exploit kit attacks in 2017 leveraged evasive techniques. Its researchers identified a total of 74 infection paths consisting of two stages: an exploit kit and a resulting payload. Of those infection paths, Minerva found that 86% were evasive and could be prevented at the exploit kit. It arrived at approximately the same figure (eighty-five percent) for those paths’ payloads.
In total, the digital security firm found that 99% of all infection paths were evasive in either their exploit kits or their payloads, with three quarters leveraging evasion in both stages. The paths led to all kinds of payloads, with ransomware standing out. Most of the crypto-malware families detected by Minerva used at least one evasive technique. Close to half (forty-eight percent) relied on memory injection tactics. Meanwhile, other families used malicious Office files and environment tests at 28% and 24%, respectively.
Defenders’ Hope for Vaccination
Many malware families are designed to avoid infecting the same endpoint more than once. With that objective in (Read more...)
This is a Security Bloggers Network syndicated blog post authored by David Bisson. Read the original post at: The State of Security