Malwarebytes experts believe that the ransomware became the favourite method of crypto hackers once again, although in the recent past they preferred crypto jacking. Experts believe that the reason for the change of tactics was a prolonged decline in the cryptocurrency market, as well as new measures to protect against hidden mining.
Fbot might have helped as well. Qihoo 360 Netlab specialists have discovered the Fbot botnet recently, built on the basis of the source code of the Svari malware. Apparently, the main task of this malware is to clean infected devices from other threats. Qihoo 360 analysts write that Fbot is different from other Satori botnets. The threat was first noticed a month ago and, apparently, its main task is to clean infected gadgets from other malware, in particular, from com.ufo.miner, the variations of the miner ADB.Miner.
Fbot is equipped with a DDoS module borrowed from Mirai, but the researchers write that there were not even hints of DDoS attacks from the botnet. However, experts are not in a hurry to call Fbot operators good Samaritans, because it may turn out that by removing another malware, Fbot simply struggles with its competitors and clears its field of activity.
According to the Venturebeat website, referring to the estimates of Malwarebytes specialists, in the third quarter of 2018, the number of cyber attacks on various companies increased by 55% compared with the previous period. Such data is contained in the quarterly report of Malwarebytes Labs entitled “Tactics and techniques of cybercrime.” According to the document, in the third quarter ransomware began to prevail again in the sphere of cybercrime, whereas in the first half of the year its number was declining.
According to experts, the attacks took a more sophisticated character. In addition, now hackers are more interested in companies (mainly banks) than ordinary consumers: the latter began to attack only 4% more often than in the previous quarter.
In the third quarter, 40 new ransomware viruses emerged. There are more cases when hackers try to steal valuable corporate information using Trojans.
Speaking of crypto jacking, according to Malwarebytes, in recent months there has been a decline in criminal activity of this kind: in the third quarter, it decreased by 26%.
During the first half of the year, crypto jacking was the predominant type of cybercrime. Many companies have changed their policies and taken measures of protection.
The network has a lot of material with tips on how to detect the fact of crypto jacking. Also, for example, the Chrome browser has banned scripts and extensions that allowed attackers to perform hidden mining.