Total malware attacks in 2020 have decreased compared with previous years. The global trend was impacted by the use of macro-enabled documents for malware delivery. Cofense, a leading provider of intelligent phishing defense solutions, gave insight into the malware families, global campaigns and delivery methods that were prominent during the past quarter. This insight was recently released in its Q4 2019 Malware Trends Report.
Cofense is represented in sub-Saharan Africa by value-added distributor Networks Unlimited Africa.
The new malware attack
“A macro intends to assist with automating repetitive tasks. Sometimes macros are seen in Microsoft Office documents such as Excel, Word, and PowerPoint. These macros contain embedded code produced in a programming language known as Visual Basic for Applications (VBA).”
“However, malware attackers can write VBA code to produce macros that do inappropriate things. These codes are also embedded in documents for distribution online to enhance malware attacks. Despite security efforts and awareness, macro-enabled documents still find their way into inboxes. These files are an intrusion vector for various malware families, like the Emotet trojan. Only a few companies can completely make macros inactive and also provide a valuable function in many areas,” says the GM of Cybersecurity at Networks Unlimited Africa, Stefan van de Giessen.
About Emotet Trojan
Emotet is a botnet and banking Trojan that distributes malicious emails to gather financial information. It obtains this information by injecting computer code into the networking stack of an infected Microsoft Windows computer, which allows sensitive data to be stolen as it is transmitted. The Cofense report also states that Emotet activity in the last quarter of 2019 continued to rise from Q3.
With the increase in Emotet from the third quarter, there has also been an increase in macro-enabled documents as a malware delivery mechanism. Emotet distributes malicious emails carrying fake financial invoices, as well as other phishing bait and invitations to a Christmas party.
“As the report notes, Emotet is one of many threats currently facing organizations,” comments Van de Giessen, “and so it is imperative to understand the current phishing landscape, as well as its future evolutions, to help organizations protect themselves from security breaches.”
“On the malware front, the end of Windows 7 will probably introduce new malware which will target ransomware to continue growing. 2020’s election, which will be done soon, may deliver more phishing, while geopolitical events can bring about more cyber threats.” According to the Cofense report, the malware is likely to continue its infections into mid-2020.
About Loki Bot
A new malware called Loki Bot also took the top spot as the most prevalent non-Emotet malware. Agent Tesla Keylogger takes second place after Loki Bot. Loki Bot has been effective in stealing information through the years. It also has low maintenance and easy deployment capabilities, enabling more distribution with less effort.
“This report is another review of information showcased by Cofense Intelligence; it also includes the range of factual data that it can provide. It underscores the increase in the sophisticated world of threat by malware attackers,” comments Van de Giessen.
“This all goes to emphasize, once again, that technology alone is not enough when we try to assist both individuals and organizations to fight against cybercrime. The consistent ethos behind Cofense’s solutions is to unite people with technology, offering human-focused phishing defense solutions that enable people to identify, mitigate, and report such threats as malware and spear-phishing,” he concludes.