An average of 480 new malware attacks occurred per minute between July and September and there was a sharp increase in the number of attacks against Internet of Things devices, according to a quarterly report by cybersecurity company McAfee.
Ransomware attacks remain popular, with a 45 percent increase over the past four quarters, and new IoT device malware attacks increased 73 percent in the third quarter and 203 percent in the past four quarters. While the number of disclosed incidents targeting the U.S. fell 18 percent, that figure will likely change in the fourth-quarter report in the wake of last week’s widespread bomb threats emailed across the country.
“Cybercriminals are very opportunistic in nature,” said John Fokker, head of cybercriminal investigations at McAfee. “The cyber threats we face today once began as conversations on hidden forums and grew into products and services available on underground markets. Additionally, the strong brands we see emerging offer a lot to cybercriminals: higher infection rates, and both operational and financial security. ”
What Hackers Are Talking About
In the third quarter, McAfee researchers found conversations on hacker forums around the following topics:
- User credentials from hacked email accounts
- Skimming credit card details in e-commerce site malware
- Vulnerabilities in RIG, Grandsoft and Fallout, and on GandCrab ransomware
- Global companies that offer logins to computer systems provide “one stop or cybercriminals looking to commit fraud, selling RDP access as well as Social Security numbers, bank details, and online account access.”
By the Numbers
According to the report, “cybercriminals have taken notice of the growing volume and lax security of many IoT devices and have begun to focus on them, harnessing thousands of devices to create a mining super-computer. New malware targeting IoT devices grew 72 percent, with total malware growing 203 percent in the last four quarters. New coin mining malware grew nearly 55 percent, with total malware growing 4,467 percent in the last four quarters.”
McAfee tabulated 215 publicly disclosed security incidents, down 12 percent from the second quarter. While new mobile malware decreased by 24 percent, there was the appearance of the new Fortnite “cheat” and a fake dating app, the latter of which targeted members of the Israel Defense Forces and allowed hackers access to phone calls and a device’s location, contacts and photos.
McAfee predicted in a Threat Predictions Report last month that attacks in 2019 will be more advanced than ever before.