Internet security company, ESET took a look at some of the most pertinent malware discoveries of the year 2019 – to emphasise the importance of taking proactive countermeasures against malware and of implementing cybersecurity best practices.
Here are the top 5 malware’s discovered in 2019:
Machete is malware that has been used in cyberespionage operations primarily in Venezuela, but also in Ecuador, Colombia and Nicaragua. Operators use Machete as a tool for spearphishing, predominantly targeting government organisations, such as military, education, police and foreign affairs. Once the malware is unleashed via email, it takes screenshots, logs keystrokes, accesses the clipboard, retrieves and encrypts files, and collects victim’s geolocation.
Discovered after a two-year decline of Android ransomware, Android/Filecoder.C encrypts the files on a mobile device before demanding a payment in Bitcoin for their decryption. Distributed via online forums, these malware files have the capacity to not only encrypt files but to also send text messages to the victim’s contact list.
The malware is used to phish for login credentials to BtcTurk, a Turkish cryptocurrency exchange. It was the first malware discovered that can circumvent restrictions brought in by Google in March 2019, which aimed to strengthen SMS-based two-factor authentication (2FA). Instead of intercepting SMS messages, which became harder for attackers thanks to Google’s new restrictions, this malware reads the notifications that appear on a device’s display to obtain the one-time password.
In July, Varenyky launched a sextortion campaign in France, distributed through spam email attachments disguised as bill documents. Once the victim enables macros on the attached document, the computer becomes compromised, and the attacker can record the user’s screen. The apparent aim of this malware is to obtain footage of the victim which can then be used for extortion.
5. KRACK for Echo and Kindle
In January 2019, after more than a year of extensive additional research, ESET reported that many Wi-Fi enabled devices, including Amazon Echo and at least one generation of Amazon Kindle, were still vulnerable Key Reinstallation Attacks, or KRACK(s), two years after the initial discovery. The vulnerabilities allowed attackers to execute Denial of Service attacks, disrupt network communications, and intercept sensitive information such as passwords.
Edited by Jenna Cook
Follow Jenna Cook on Twitter
Follow IT News Africa on Twitter