So many malware threats, so little time. We’ve rounded up the eight most dangerous malware threats every business needs to be aware of.
From Citadel to Zeus, banking Trojans have proven to be some of the most potent and profitable malware tools. This malware focuses on stealing bank account logins, which in turn can be used to steal whatever is in those accounts. It is believed that Zeus alone has been used to steal more than $120 million from compromised accounts.
Backdoor Trojans are designed to give hackers the very same access and rights to a computer or network as the administrator in charge of managing them. Which means hackers can do a lot of damage over an extended period – from stealing information and deleting files to changing passwords and modifying security settings.
Keyloggers have once again become a favored tool of cybercrooks. They’re designed to steal anything that’s typed on a keyboard and even on a touch screen. In recent tests, only one of 44 of the most popular antivirus software products in current use was able to detect even the simplest keylogger.
Ransomware like Cryptolocker is also on the rise, and researchers claim that the malware has been so successful in making money for its creators that it’s likely to spawn lots of copycats. Ransomware makes money by encrypting all the data on an infected computer and then charging a fee or ransom to release that data back into the custody of its owners. One small cyber gang is believed to have made more than $27 million using Cryptolocker.
Exploit kits can include Trojan downloaders and droppers and are really the road crew of the malware industry. Their job is not so much to commit the crimes but set them up. Once installed on a victim computer or network, they give the criminals the options of what kind of malware they want to upload. In 2013, the Blackhole Exploit Kit was most commonly used to deliver the Zeus banking Trojan.
Bots are tiny pieces of malware, at least compared to their malware cousins described above. And unlike their cousins, they’re not specifically designed to attack the host computers they infect. Instead, bots take control of the infected computers, sometimes millions of infected computers at a time, to assist in other crimes. Those crimes could be to share or hide stolen information, distribute child pornography, or attack other computers.
Drive-by downloads, like APTs, are not really malware but attacks designed to help malware. They don’t necessarily break into the bank, just cut the hole in the roof for others to climb through. Vulnerable websites are infected with malware that’s not designed to attack the website itself, but to spread the malware to visitors to that site. Once recent report found that crooks now prefer to spread malware through websites versus email by a ratio of 5-1 because it’s much more effective.
Advanced Persistent Threats, or APTs, may not really be a type of malware either but a type of attack that usually involves malware. And usually the most sophisticated kind. APTs have been growing in popularity because they work, and get their name because the attackers will often pick very specific targets and attack them relentlessly over a long period and using some very sophisticated attack tools. Some companies and even individuals targeted by APTs have been attacked as often as thirty times in thirty days.
Constant vigilance and layers of security are your best defense against malware. It’s much more cost-effective to put security in place proactively rather than react after an attack. SiteLock’s website security solutions can find and even automatically remove malware, as well as block malicious traffic from accessing your website in the first place. Call our security experts today at 877.563.6200. We are available 24/7 to help.