Emotet, the most widespread malware worldwide and Ryuk, a ransomware-type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019. This study also concludes that a total of 377 Portuguese domains were used to spread different types of malware in the same period.
Analyzing the general distribution of the compromised domains, grouped by category, it is possible to verify that the most affected were as follows: professional/companies (20.2%), personal (13.5%), retail (12.7%) and industry (11.9%). Social media/communication organizations, health care, and non-profit organizations were less impacted.
It was also possible to conclude that Emotet was the most widespread Malware worldwide and it has been enhanced with new capabilities that include the Ryuk Ransomware. This enhancement appeared in the middle of September 2019.
Ryuk infects computers by encrypting all local and shared files, not allowing the user’s access without paying the ransom. This ransomware is difficult to stop and does not have known execution flaws at the present time.
“We live in an era where we increasingly hear about malware and the impact it has on companies and people. The term malware has been gaining prominence as a result of the wave of malware and phishing campaigns that anyone is subject to”, says Cipher. “Portugal still lacks information about compromised Portuguese domains (.pt) and the kind of the malware used to perform these attacks. This report pretends to show how the .pt domains were used in malware campaigns, through the analysis of the first to the third quarter of 2019,” he concludes.
Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks.
Enjoy the full report.
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens.
Read more here.