ESET marks Antimalware Day 2019 with a ‘top 5’ list of malware discovered in 2019

Editor

Bratislava, 3 November 2019 – Today, we celebrate Antimalware Day, founded by ESET two years ago, to honor the visionary work of Fred Cohen, Ph.D. and his advisor, Professor Len Adleman PhD., which laid the cornerstone for future research into computer threats.

ESET is marking this year’s celebration by taking a look at some of the most pertinent malware discoveries of the year 2019, in order to emphasize the importance of taking proactive countermeasures against malware and of implementing cybersecurity best practices.

1.    Machete
Machete is malware that has been used in cyberespionage operations primarily in Venezuela, but also in Ecuador, Colombia, and Nicaragua. The operators use Machete as a tool for spearphishing, predominantly targeting government organizations, such as the military, education, police, and foreign affairs. Once the malware is unleashed via email, it can take screenshots, log keystrokes, access the clipboard, retrieve and encrypt files, and collect the victim’s geolocation.

2.    Android/Filecoder.C
Discovered after a two-year decline in instances of Android ransomware, Android/Filecoder.C encrypts the files on a mobile device before demanding a payment in Bitcoin for their decryption. Distributed via online forums, these malware files have the capacity to not only encrypt files, but to also send text messages to the victim’s contact list.

3.    Android/FakeApp.KP
This malware is used to phish for login credentials to BtcTurk, a Turkish cryptocurrency exchange. It was the first malware discovered that is able to circumvent restrictions brought in by Google in March 2019, which aimed to strengthen SMS-based two-factor authentication (2FA). Instead of intercepting SMS messages, which became harder for attackers thanks to Google’s new restrictions, this malware reads the notifications that appear on a device’s display in order to obtain the one-time password.

4.    Varenyky
In July, Varenyky launched a sextortion campaign in France, distributed through spam email attachments disguised as bill documents. Once the victim enables macros on the attached document, the computer becomes compromised, and the attacker is able to record the user’s screen. The apparent aim of this malware is to obtain evidence of the victim watching pornographic content, which can then be used for extortion.

5.    KRACK for Echo and Kindle
In January 2019, after more than a year of extensive additional research, ESET reported that many Wi-Fi enabled devices, including Amazon Echo and at least one generation of Amazon Kindle, were still vulnerable to Key Reinstallation Attacks, or KRACK(s), two years after the initial discovery. The vulnerabilities allowed attackers to execute Denial of Service attacks, disrupt network communications, and intercept sensitive information such as passwords.

To find out more about how ESET can help protect you against malware, visit www.eset.com.

About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET is the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single "in-the-wild" malware without interruption since 2003. For more information, visit www.eset.com or follow us on LinkedInFacebook and Twitter.