‘McAfee Labs Threats Report’ Spotlights Innovative Attack Techniques, Cryptocurrency Mining, Multisector Attacks

By on

In the McAfee Labs Threats Report June 2018, published today, we share investigative research and threat statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q1 of this year. We have observed that although overall new malware has declined by 31% since the previous quarter, bad actors are working relentlessly to develop new technologies and tactics that evade many security defenses.

These are the key campaigns we cover in this report.

  • Deeper investigations reveal that the attack targeting organizations involved in the Pyeongchang Winter Olympics in South Korea used not just one PowerShell implant script, but multiple implants, including Gold Dragon, which established persistence to engage in reconnaissance and enable continued data exfiltration.
  • The infamous global cybercrime ring known as Lazarus has resurfaced. We discovered that the group has launched the Bitcoin-stealing phishing campaign “HaoBao,” which targets the financial sector and Bitcoin users.
  • We are also seeing the emergence of a complex, multisector campaign dubbed Operation GhostSecret, which uses many data-gathering implants. We expect to see an escalation of these attacks in the near future.

Here are some additional findings and insights:

  • Ransomware drops: New ransomware attacks took a significant dive (-32%), largely as a result of an 81% drop in Android lockscreen malware.
  • Cryptojacking makes a comeback: Attackers targeting cryptocurrencies may be moving from ransomware to coin miner malware, which hijacks systems to mine for cryptocurrencies and increase their profits. New coin miner malware jumped an astronomical 1,189% in Q1.
  • LNK outpaces PowerShell: Cybercriminals are increasingly using LNK shortcuts to surreptitiously deliver malware. New PowerShell malware dropped 77% in Q1, while attacks leveraging Microsoft Windows LNK shortcut files jumped 24%.
  • Incidents go global: Overall security incidents rose 41% in Q1, with incidents hitting multiple regions showing the biggest increase, at 67%, and the Americas showing the next largest increase, at 40%.

Get all the details by reading the McAfee Labs Threats Report, June 2018.

Categories: McAfee Labs
Tags: , , , ,

Leave a Comment

Similar articles

As ransomware threats become more sophisticated, the tactics cybercriminals use to coerce payments from users become more targeted as well. And now, a stealthy strain is using deceptive techniques to mask its malicious identity. Meet CryptoMix ransomware, a strain that disguises itself as a children’s charity in order to trick users into thinking they’re making ...
Read Blog
Think about it: In the course of your everyday activities — like grocery shopping or riding public transportation — the human body comes in contact with an infinite number of germs. In much the same way, as we go about our digital routines — like shopping, browsing, or watching videos — our devices can also pick ...
Read Blog
Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received ...
Read Blog