Malware attacks with multi-functional capabilities growing in number
Multi-functional malware, which was not designed for specific purposes but flexible enough to perform almost any task, is becoming more widespread, according to a report by security company Kaspersky Lab.
The study is the result of an analysis of more than 150 malware families and their modifications circulating through 60,000 botnets around the world. It examines botnet activity from January through June 2018. Using Kaspersky’s Botnet Tracking technology, the company’s researchers continuously monitor botnet activity to prevent potential cyber attacks.
The most distinctive growth in the first half of 2018 was demonstrated by malware of a versatile nature, in particular, Remote Access Tools (RAT) malware that provides almost unlimited opportunities for exploiting the infected PC. Since the beginning of 2017, the share of RAT files found among the malware distributed by botnets almost doubled, rising from 7 percent to 12 percent.
According to the analysis, Trojans did not demonstrate as much growth as RATs but, their share of detected files still increased from 33 percent in the second half of 2017 to 34 percent in the first half of 2018. Similar to the backdoors, one Trojan family can be modified and controlled by multiple command and control (C&C) servers, each with different purposes, for example, cyber espionage or the stealing of credentials.
The share of single-purpose malware distributed through botnets dropped significantly in comparison with the second half of 2017. For example, in the second half 2017, 22 percent of all unique malicious files distributed through the botnets monitored by Kaspersky Lab were banking Trojans, while in the first half of 2018 the share of bankers dropped by 9 percentage points to 13 percent of all malicious files.