Malware: It’s Not Just in Your Inbox Anymore
Subscriber Benefit
As a subscriber you can listen to articles at work, in the car, or while you work out. Subscribe Now
Astaroth, DarkHotel, Fireball and Echobot are all great names. But they’re malware that can create havoc in a computer. While most computer users are now savvy and tuned into how tech villains serve up malware, recent studies show malware is getting more sophisticated. Here’s the story and how to avoid getting lured into clicking with regret.
First the good news, the number of malware attacks detected decreased steadily in 2021 from 5.5 million in January 2021 to 2.2 million in December 2021. Now the bad news. The number of attacks, specifically on Android mobile devices, has gotten more sophisticated in terms of both malware functionality and vectors, according to Kaspersky.
Since most computer users are tuned into schemes and scams, it’s head scratching to figure out how criminals continue to create ways to get into mobile devices and computers. The Kaspersky study shows adware is on the increase from over 42% to over 57% from 2020 to 2021. Adware is that unwanted software displaying advertisements on your device. An adware virus is considered a PUP (potentially unwanted program), which means it’s a program that is installed without express permission from the user.
Risktools that conceal system files, hide running applications or terminate active processes comes in second with Trojan malware the third most detected category. Trojan malware is considered far more dangerous than the first two first categories. Its use increased from 4.5% to nearly 9% from 2020 to 2021.
Banking Trojan is a severe threat to mobile devices. It has different capabilities, which generally include stealing credit card information typed on the mobile device and/or gaining access to bank accounts. These often originate with phishing emails in an inbox. They look like a bank sent them. Yet, on the other end of the email is a thief waiting to steal hard earned cash.
Cyber thieves are always at work to stay a step ahead of traditional tech users. Recent news headlines tell their stories.
Discord is a popular VoIP, instant messaging and digital distribution platform. Its users communicate with voice calls, video calls and text messaging sharing media and files in private chats or as part of communities. It’s just one of many great tools keeping us connected during the pandemic, and it has been a great tool for the cyber devious who are now sharing malware posed as a Windows 11 installer. They’re sharing a nice picture that looks like the Windows 11 logo, click and go to a website for an install. An HP threat research team took a look and it turns out it leads to malware that sets out to steal user information.
Microsoft Teams is another great tool to connect and meet right now, so hackers thought, why not take advantage since some 270 million people rely on Teams each day. Researchers at Avanan, a Check Point company that secures cloud email and collaboration platforms, found that hackers have started to drop malicious executable files in conversations on Microsoft Teams communication platform. This malware was identified in January. The reason why isn’t clear yet.
A new malware called Xenomorph distributed through Google Play Store has infected more than 50,000 Android devices to steal banking information. Still in early development stage, Xenomorph is targeting users of dozens of financial institutions in Spain, Portugal, Italy, and Belgium.
Each of these malware files is being shared via branded, legitimate computer user tools. What’s a computer user supposed to do to stay safe?
- Always be suspicious. Virtual meetings are not going anywhere anytime soon. In large groups, don’t click on unknown chat links.
- If you receive a link that you need, but it looks suspicious, call IT and talk with a professional before clicking and regretting the decision.
- Move business files to a cloud-based server in lieu of a traditionally hardwired server environment. If a desktop or laptop becomes infected, it can easily be replaced or repaired. Data cannot be accessed since it’s in a cloud.
- Password protect everything. There are systems to save passwords. Password protect those systems. Change passwords regularly. Add characters to passwords. Make it hard for a cybercriminal to access information.
Malware isn’t just in your email anymore. Cybercriminals continue to lurk in the corners and find ways to take advantage of computer users. These modern-day Bonnie and Clydes work hard to stay a step ahead. Outsmarting them means being on guard, trusting your gut, tightening security and calling in experts as needed.