Check Point’s latest Global Threat Index reveals an increase in banking trojan attacks in August as organisations feel the impact of large scale Ramnit campaign, that has been converting victim’s machines into malicious proxy servers.
Ramnit's fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.
After staying dormant for few years, the Ramnit banking trojan resurfaced in July and jumped to sixth place. A wider analysis of how the banking trojan is evolving shows innovative development on the part of its authors, with an eye to broader malware trends.
“This is the second summer running where we have seen criminals increasingly using banking trojans to target victims and make a quick profit,” Maya Horowitz, Threat Intelligence Group Manager at Check Point commented. “Trends like this should not be ignored as hackers are acutely aware of which attack vectors are most likely to be successful at any given time, suggesting internet users’ browsing habits during the summer months make them more susceptible to banking trojans. This underlines that malicious hackers are tenacious and sophisticated in their attempts to extort money.”
Horowitz added: “In order to prevent exploitation by banking trojans – and other types of attacks – it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families cyber-attacks and brand new threats.”
During the period Coinhive remained the most prevalent malware, with impact on 17% of organization worldwide. Dorkbot and Andromeda were ranked in second and third place respectively, each with a global impact of 6%.
Coinhive – Crypto Miner designed to perform online mining of Monero cryptocurrency when a user visits a web page without the user’s knowledge or approval the profits with the user. The implanted JavaScript uses a great deal of the computational resources of end users’ machines to mine coins, and may crash the system.
Ramnit's fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.
After staying dormant for few years, the Ramnit banking trojan resurfaced in July and jumped to sixth place. A wider analysis of how the banking trojan is evolving shows innovative development on the part of its authors, with an eye to broader malware trends.
“This is the second summer running where we have seen criminals increasingly using banking trojans to target victims and make a quick profit,” Maya Horowitz, Threat Intelligence Group Manager at Check Point commented. “Trends like this should not be ignored as hackers are acutely aware of which attack vectors are most likely to be successful at any given time, suggesting internet users’ browsing habits during the summer months make them more susceptible to banking trojans. This underlines that malicious hackers are tenacious and sophisticated in their attempts to extort money.”
Horowitz added: “In order to prevent exploitation by banking trojans – and other types of attacks – it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families cyber-attacks and brand new threats.”
During the period Coinhive remained the most prevalent malware, with impact on 17% of organization worldwide. Dorkbot and Andromeda were ranked in second and third place respectively, each with a global impact of 6%.
Coinhive – Crypto Miner designed to perform online mining of Monero cryptocurrency when a user visits a web page without the user’s knowledge or approval the profits with the user. The implanted JavaScript uses a great deal of the computational resources of end users’ machines to mine coins, and may crash the system.