Australian malware detections doubled in 2017

| January 30, 2018

The latest Global State of Malware Report from Malwarebytes reveals a worrying increase in ransomware and other malicious intrusions in 2017.

Cryptojackers attacked businesses with an ever more diverse range of delivery methods, with traditional exploits taking a back seat as supply chain delivery attacks became more common. State sponsored threat campaigns hit South Korea, Ukraine and Saudi Arabia while criminals simply stole what they couldn’t hold for ransom elsewhere around the world.

Attempted attacks on consumers are still rising, alongside the growing threat to national infrastructure and commercial companies from criminals and state sponsored actors. The Malwarebytes report also underlines the breadth of malware-based cybercrime, from hacks, ransomware and banking Trojans to spyware, adware, and cryptocurrency miners.

Global Trends
Ransomware was tool of choice for cybercriminals in 2017. Ransomware against consumers increased 93% while ransomware against businesses around the world was up by 90%. The monthly rate of ransomware attacks increased up to 10 times the rate of 2016, with September 2017 having the largest volume of ransomware attacks against businesses ever documented.

Hijackers, adware and riskware tools were the top 3 detections against businesses around the world and the second half of the year saw a doubling of banking Trojan detections. Hijacks rose nearly 40% year over year, moving this threat to the most common threat detected against businesses in 2017.

Asia Pacific
The study records a 90% increase in ransomware attacks for businesses and consumers in the region, although it is still only the fifth most common threat which businesses face.

Hijacker detections remained in line with 2016 until August 2017 when detection numbers soared by 566%. While 2017 began the year with less spyware than before, the last 2 quarters of the year ended with 3 times the number of detections in Asia Pacific and 50% more ‘worms’ than seen in 2016.

Jeff Hurmuses, the Area Vice President and Managing Director of the Asia Pacific for Malwarebytes, said that “It’s clear that cybercriminals are becoming more strategic as they pick the most effective form of attack. While Asia Pacific hasn’t been a major target in the past, the data we are seeing leads us to believe that ransomware, worms, and spyware attacks will become a major threat in the region.

“It’s crucial that companies, particularly in the healthcare and education sectors, stay ahead of these threats, familiarise themselves with cybercriminals’ methodologies and tactics, and replace their outdated security systems before they become a victim of an attack.”

Australia and New Zealand
Global ransomware attacks from WannaCry, Globelmposter, Locky, and Cerber played major roles in the surge in ransomware attacks in 2017 around the world. However, while there were occasional spikes in detections, Australia saw a welcome downward trend in this particular type of malware in the final quarter of the year.

Despite this glimmer of hope, malware detections doubled overall in Australia and New Zealand in 2017 and the two countries suffered a 15% increase in adware detections compared to the previous year. This increase meant that Adware jumped to the number one spot in malware detections for Australia and New Zealand, although this increase pales in comparison with Singapore which suffered a 450% increase in adware detections in 2017.

Malicious Crypto-miners
Swept along by the cryptocurrency craze, bad actors have started utilising cryptomining tools on victim’s personal computers to mine virtual currency for themselves. There has been a sharp increase in the number of hidden currency miners delivered through compromised websites, malicious spam, exploit kit drops and adware bundlers.

Malwarebytes blocked an average of 8 million drive-by mining attempts per day in September 2017 and this number is set to rise as long as the crypto-currency craze continues.