The Rise of Fileless malware

Over the last two years, there has been an uptick in the amount the malware attacks that are fileless. This means that the malware is designed to not rely on or interacts with the filesystem of the host machine. This is so it is relatively undetectable by file scanning, which is the common way to find malware. This rising trend will change how we deal with these kind of malware threats. One of the changes to combat this threat is to turn to behavior based detection strategies like “script block logging,” which will keep track of code that is executed, for someone to sift through and look for abnormalities.

Experts are predicting that fileless malware attacks will continue to rise as it did from 2016 to 2017 because of its success rate. Fileless attacks are more likely to be successful than file-based attacks by an order of magnitude (literally 10 times more likely), according to the 2017 “State of Endpoint Security Risk” report from Ponemon. The ratio of fileless to file-based attacks grew in 2017 and is forecasted to continue to do grow this year. This goes to show that we need to constantly be adapting to different threats, because we know the hackers will.
– Ryne Krueger

 

https://www.technewsworld.com/story/85178.html

 

Justice Department Announces Takedown of Global Cyber Crime Ring

On February 7, The Justice Department announced the takedown of a global cyber crime ring. It has indicted 36 people, and arrested 13, for trafficking stolen identities. This group is a Ukraine -based group known as “Infraud”, with the motto, “In Fraud, We Trust.”  They were founded in 2010 by a guy named Svyatoslav Bondarenko, a 34-year-old Ukrainian, to create a “comfortable and safe’ place to ‘bring together professional people for who carding and hacking become a lifestyle.” Among the stolen items advertised were 795,000 HSBC bank logins, dozens of PayPal logins and credentials, and credit card numbers. Users could also use the site to advertise malware for sale. Aside from selling stolen Social Security numbers and other information, They also provided a way for people to launder money using digital currencies like Bitcoin, etc. This is good news to show that we can fight back against these hackers. The world will be a little bit safer until the next group rises up.

Source:  https://www.reuters.com/article/us-usa-cybercrime/u-s-shuts-down-cyber-crime-ring-launched-by-ukrainian-idUSKBN1FR2M7

 

  • Ryne Krueger