Lull in cybercrime for Singapore in Q218: Malwarebytes

Source: Malwarebytes. Cover of the report.

Malwarebytes Labs has released the quarterly Malwarebytes Labs Cybercrime Tactics and Techniques (CTNT) report*.

In Singapore, a generally slow quarter reflects an overall lull in cybercrime. Android ransomware decreased, while spyware and Trojans jumped slightly. There was an increase on backdoor attacks, and it seems that cryptomining is gradually plateauing, Malwarebytes said.

Reflecting global trends, Android ransomware detections in Singapore have gone down by 88.7% between Q218 and Q118. This could mean that ransomware actors are diverting their targets and changing strategies. Meanwhile, the trends for both spyware and Trojan detections have increased between Q2 and Q1, with a jump of 159% and 5.25% respectively.

Meanwhile, there has been a spike in backdoor malware detections, with an increase of 2,270%. The CTNT report has traced this to the Backdoor.Vools campaign. The Vools backdoor malware has been primarily observed installing cryptocurrency miners on affected systems, but could easily install other malware on systems once cryptomining goes out of fashion, Malwarebytes notes.

The CTNT report observes that cryptomining detections are gradually plateauing as many cybercriminals have not received as much return on investment from cryptomining as they expected. The company predicts that cryptojacking will likely stabilise as it follows market trends in cryptocurrency, with spikes or downturns in the currency market quickly impacting behaviour.

There will also be a spike in malware threats in the education sector. As students return to school after a mid-year break many of their devices will be full of malware from sites that they have visited during their holidays. Adware and Hijacker have been some of the most common threats for students this quarter, Malwarebytes said.

Jeff Hurmuses, Area VP and MD, Asia Pacific, Malwarebytes, said: “Cybercriminals actively target sites where students commonly browse, and they are often legitimate sites. A common way to infect one of these sites is through the ads which get served up from a different, less secure source. As the cyberthreat landscape evolves, there is a need for schools to understand cybercriminals’ methodologies and tactics, and replace outdated security systems to avoid becoming the latest victim of an attack.”

Explore:

Read the Cybercrime Tactics and Techniques report for Q218

*The Malwarebytes Labs team gathered data from April through June 2018 from their Intelligence, Research and Data Science teams, with telemetry from both consumer and business products, which are deployed on millions of machines.