Čvn 18

Symantec Report Indicates End of Locky Ransomware Threat

Source: bitcoin

Bitcoinist_End of Locky

Although malware threats and exploit kits are a significant threat to our society, various types are showing a decrease in activity. Angler, Locky, and Dridex are the three top categories which see less interest all of a sudden. For now, it remains unclear as to why this decrease is taking place, albeit it is possible criminals are turning toward new solutions.

Also read: Industry Report: Digital Currency Is Booming Across the Globe

Ransomware and malware have been the top two threats since 2015. Many institutions and consumers have fallen victim to these threats, but it looks like Dridex and Locky are slowing down regarding usage. Moreover, the Angler exploit kit, which is often used to deliver these two types of malicious software, is losing popularity as well.

Locky Ransomware On The Way Out

According to a recent survey by Symantec, all of these three groups have all but ceased operating. Some of the other significant threats affecting customers and enterprises are also scaling back their activity. That being said, it is not unlikely to think other types of malware and ransomware will start seeing an increase in popularity over the next few months.

The decrease in Locky activity is quite noteworthy, as the ransomware was showing significant success a few weeks ago. However, over the past two weeks, nearly no activity has been noted by Symantec. Whether This is due to a disruption in their operations, or just a business decision to scale back, is unknown at this time.

Dridex and Angler Are Losing Ground

Dridex, one of the leading types of financial fraud Trojans, has seen its presence drop to near zero over the past month. That being said, the malware is still roaming in the wild, albeit far less frequent than ever before. Moreover, some of the botnets associated with spreading the Dridex banking malware are still in operation to this very day. It also appears as if Word macro downloaders are still delivering Dridex through email spam campaigns.

But the biggest shock comes in the form of the Angler exploit kit showing a significant decrease in usage. For quite some time, this toolset has been a fan favorite among internet criminals. It is worth noting that, ever since CryptXXX started showing a decrease in activity, so did the Angler exploit kit. Other types of exploit kits are showing similar results, which may indicate internet criminals will look for different tools to wreak havoc on computers and networks.

What are your thoughts on this Symantec report? Let us know in the comments below!

Source: Symantec

Images courtesy of Symantec, Shutterstock

The post Symantec Report Indicates End of Locky Ransomware Threat appeared first on Bitcoinist.net.

Symantec Report Indicates End of Locky Ransomware Threat

Share
Dub 13

500 Million Records Stolen in 2015 Due To Security Vulnerabilities




Source: bitcoin

Bitcoinist_Security Vulnerabilities

Despite the wide variety of cyber attacks against companies and individual users all over the world, far too many websites contain security vulnerabilities.  Hackers have a relatively easy time to gain access to centralized databases and obtain sensitive user information.

Also read: Security Experts Create Solution For Petya Bitcoin Ransomware

Three In Four Sites Have Security Vulnerabilities

A new report by Symantec paints a rather painful picture for enterprises and individual website owners who collect consumer data. Considering how close to three in four sites have security vulnerabilities which have gone unpatched for quite some time now, the situation is far more dire than most people expected.

Internet criminals are becoming more refined in their attack methods, and there does not seem to be a preference for particular security vulnerabilities. With so many different platforms collecting sensitive data, such as addresses and verification documents, there is a treasure trove of data which can be sold on the underground markets.

Symantec Security Response Director Kevin Haley told the media:

“Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off. We are even seeing low-level criminal attackers create call centre operations to increase the impact of their scams.”

The report also makes mention of nine “mega breaches” which took place in 2015, and the total number of records stolen is well above half a billion. Zero-day security vulnerabilities seem to be the primary attack vector for internet criminals, and Symantec noted a 125% increase in the number of zero-day exploits being identified last year. Moreover, 430 million new malware variants were discovered, including various types of Bitcoin ransomware.




Speaking of Bitcoin ransomware, this remains one of the biggest concerns for security experts all over the world. Most of these malware packages are part of an exploit kit which will take advantage of security vulnerabilities. Now that ransomware has made it to Macintosh and mobile devices; the future looks grim unless security precautions are taken to the next level.

Distributed ledgers can eventually take the place of traditional database solutions although more research and development is needed in this regard. Storing sensitive consumer data in one place makes it very attractive for hackers to exploit security vulnerabilities and sell the information on underground forums. Blockchain technology is an ally in this fight, and enterprises would be wise to explore this possibility further in the coming years.

What are your thoughts on this new Symantec report? What can be done to prevent hackers from exploiting security vulnerabilities? Let us know in the comments below!

Source: Symantec

Images courtesy of Symantec, Shutterstock

The post 500 Million Records Stolen in 2015 Due To Security Vulnerabilities appeared first on Bitcoinist.net.

500 Million Records Stolen in 2015 Due To Security Vulnerabilities

Share