Antimalware Day: Five malware types plaguing 2020


First marked on 3rd November 2017, Antimalware Day was established by ESET to honor the work of researchers in information security, as well as those in the technology industry more widely. The date was chosen to celebrate the work of Frederick Cohen, who – on 3rd November 1983 – created self-replicating code, and his Ph.D. advisor Professor Leonard Adleman, who first named this code a computer virus.

A lot has changed in the 37 years since, with huge advances in both the malware used by cybercriminals and the technology used to fight against it. This Antimalware Day, ESET invites you to learn about five significant malware types threatening internet users in 2020.

1. Internet of Things (IoT) malware
As we increase our use of smart technology – whether voice assistants, connected doorbells or routers – it is unsurprising that attacks on these devices have also risen. Malicious bots are a common type of malware that targets IoT devices.

Once taken over by bots, IoT devices are often used as communication channels to other compromised devices in networks called botnets. Harnessing the full weight of a botnet, the botnet operators can conduct a host of malicious activities, including deploying ransomware, conducting distributed denial of service attacks and stealing banking credentials, with deadly effect.

Unfortunately, IoT devices can be extremely easy to target. This is due both to the prevalent use of default or weak passwords like “admin” and the bad practice of not patching your home router. Among over 100,000 tested routers, the top 10 vulnerabilities detected by ESET were old ones from 2012 to 2015.

While often not a key focus – even for security-conscious individuals – keeping your smart devices up to date is a crucial element of cyber hygiene.

2. Android malware
The top category of Android threats detected by ESET in 2020 is called ‘Hidden Apps’. Hidden Apps are a form of malware that hide their icons after installation and plague your device with annoying, full-screen ads.

To encourage downloads, this malware is often disguised as attractive games or useful utilities, deceiving individuals about its true purpose until it is too late. As the icons for these apps disappear once they have been downloaded, it can be difficult for users to locate the issue and uninstall the malware.

The best protection is to use security software like ESET Mobile Security that can detect and remove these apps.

3. Malicious torrents
Torrenting – or the act of downloading many small bits of data from different sources simultaneously – is a legitimate process, mostly used to share videos and music, distribute large amounts of data, or download and update games. However, malicious torrents are prevalent, and can be used to quickly spread malware.

Earlier this year, ESET uncovered a malware family that used precisely this process: KryptoCibule. KryptoCibule makes extensive use of the BitTorrent protocol, tempting users with the offer of cracked or pirated software and games. While delivering the expected goods, the malware downloads both a cryptominer and a clipboard hijacking component that steals cryptocoins, and exfiltrates cryptocurrency-related files.

Malware like KryptoCibule presents yet another reason to prefer official websites and services instead of torrenting sites.

4. Mac malware
Once thought immune to computer threats, it is now clear that Mac devices can be compromised with malware, and they have been targeted frequently by cybercriminal groups. In 2020, ESET Research discovered fake websites distributing trojanized cryptocurrency trading applications for Mac computers.

For example, the Kattana trading application for Mac computers was copied and trojanized in July 2020. Cybercriminals utilized the so-called GMERA malware to steal information, such as browser cookies and cryptocurrency wallets, and take screenshots.

Protecting Mac computers with security solutions like ESET Cyber Security is crucial to fend off threats that otherwise present genuine-looking websites and apps for cryptocurrency traders to use.

5. Malicious emails
Working from home, unfortunately, means greater vulnerability to email-based cyberattacks, so it is no surprise that malware distributed via email has surged over the past few months. Total malicious email detections are up, and the highest portion (25%) carried an exploit for a 2017 vulnerability in Microsoft Office.

Make sure to turn on auto-updates for your Microsoft Office apps and prevent older vulnerabilities from coming back to bite you.

You can read more about Antimalware Day here. For more information about ESET, visit our website here, and to gain insight into the current threat landscape, read ESET’s Q3 2020 Threat Report.