The Check Point 2017 Global Threat Intelligence Trends Report

 
2017 was an incredible year for the cyber security industry. With attacks reaching ever higher numbers and increasing levels of innovation, there seems to be no stop to the cat and mouse game taking place between threat actors and security experts. In our H2 2017 Global Threat Intelligence Trends Report, we reveal that cyber-criminals are increasingly turning to cryptominers to develop illegal revenue streams, while ransomware and ‘malvertising’ adware continue to impact organizations worldwide. Based on data drawn from Check Point’s ThreatCloud intelligence between July and December 2017, the H2 2017 Global Threat Intelligence Trends Report gives a detailed overview of the ...

Malware Displaying Porn Ads Discovered in Game Apps on Google Play

 
In the past, cyber-criminals have targeted businesses, hospitals, and governments; today, we’ve seen them begin to focus on games and apps intended for children. Check Point Researchers have revealed new and nasty malicious code on the Google Play Store that hides itself inside roughly 60 game apps, several of which are intended for children. According to Google Play's data, the apps have been downloaded between 3 million and 7 million times. Dubbed ‘AdultSwine’, these malicious apps wreak havoc in three possible ways: Displaying ads from the web that are often highly inappropriate and pornographic. Attempting to trick users into installing fake ...

Huawei Routers Exploited to Create New Botnet

 
A Zero-Day vulnerability in the Huawei home router HG532 has been discovered and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI, which is an updated variant of Mirai. The suspected threat actor behind the attack is an amateur nicknamed ‘Nexus Zeta’. Introduction: In the last 10 years, the number of connected devices has grown to over twenty billion, and, as the years go by, they get progressively smarter. However, whereas they score high on convenience, the latest discoveries from Check Point Research show they still have a lot of homework to do to get their security score up ...

What Lies Ahead? Cyber-Security Predictions for 2018

 
Arnold H. Glasow famously quipped that “the trouble with the future is that it usually arrives before we’re ready for it.” The past year certainly took us by surprise when the WannaCry and Petya ransomware outbreaks hit businesses globally, causing unprecedented disruption, while serious new vulnerabilities such as BlueBorne were discovered in almost every connected device in use. While these large-scale attacks and vulnerabilities dominated news headlines, there were other significant cybersecurity trends developing behind the scenes which also have the potential to disrupt people’s daily lives. These trends are the result of our increasing reliance on ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed crypto miners were an increasingly prevalent form of malware during October as organizations were targeted with the CoinHive variant. Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Account Hijacks Affect Everybody, Even ‘Top Dogs’

 
Being “cool and smart” was the name of the game when we were at school, and it seems nothing really changes as we get older. With the ‘cool factor’ among IT professionals translating into the adoption of modern IT technology, it’s not surprising to see why today’s businesses are being pushed ever faster towards the cloud. But of course there are other good reasons why 70% of companies (Gartner 2016) are already moving their IT infrastructure closer to the stars with cloud services. Whether it be data storage and servers or the increasing use of SaaS products, cloud computing allows businesses much greater agility and enables them to deliver applications at a fraction of ...

Boleto: The Perfect ‘Inside Job’ Banking Malware

 
The Brazilian cyberspace is known to be a whole ecosystem of its own and, although the banking malware that originates there has traditionally been somewhat basic, recent trends have indicated new and more refined tools for attack. Subsequently, what originally started in Brazil may well be about to spread to users of online banking worldwide. In May 2017, researchers at Talos analyzed a banking Trojan that was delivered in Portuguese via a spam campaign, a common delivery method for such malware. Upon opening the email attachment, victims would be redirected to a JAR file which executes malicious Java code to initiate the malware installation process. Until now, the deeper inner ...

Baby, Who Can Drive My Car?

 
This is the third post in our IoT blog series. Read the first post about IoT in healthcare and the second post about smart cities here. Driverless cars have long been a feature in science fiction – and over the past few years, they’ve become a reality, with the major motor manufacturers developing and showcasing autonomous vehicles, with the vision of making road travel cleaner, more efficient and safer. While we have yet to see the truly driverless car on public roads, the cars that most of us drive every day are already far more intelligent and connected than we may realize. And that connectivity can present a significant cybersecurity risk. A typical new car today is ...

September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

 
Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky has not appeared in our Global Threat Impact Index, which reports on the top ten most prevalent malware attacks globally every month, since November 2016. However, attacks in September were powered by the hefty Necurs botnet, which in itself was ranked at number ten in the table. These attacks shot Locky up 25 places overall, to sit just behind the Roughted malvertising campaign in pole position. Locky’s distribution began in February 2016, and it rapidly became one of ...

Does Your Mobile Anti-Virus App Protect Or Infect You? The Truth Behind DU Antivirus Security

 
With mobile attacks representing nearly 20% of all cyberattacks in the Americas during the first half of 2017, users are constantly warned to be aware of security risks affecting their data and privacy, and install security software to protect their device. But what happens when antivirus solutions can’t be trusted, and actually compromise users’ privacy? Check Point mobile threat researchers recently discovered a free mobile anti-virus app developed by the DU group, a developer of Android apps, which collects user data without the device owners’ consent. The app, called DU Antivirus Security, was distributed over Google Play, Google’s official app store, and downloaded between ...