Malwarebytes today announced the results of the Q1 2019 Cybercrime Tactics and Techniques report. The report is a culmination of data based on the Company’s unique threat analysis capabilities. Globally, Q1 showed a significant uptick in business ransomware detections (195%), along with continued momentum for Trojan variations, up by over 200%, and a sharp decline in crypto mining. The APAC region has seen business malware detections on the rise, similar to global trends.
Key findings from APAC include:
- Singapore ranks ninth for the number of malware detections recorded in APAC. Among the top ten countries, which include (in order of most detections) Indonesia, India, Thailand, Philippines, Vietnam, Australia, Malaysia, Pakistan, and Bangladesh, Singapore ranks number nine, with a total of 1,047,780 business detections. On the consumer side, there were 12,033,636 detections, giving a total of 13,081,416 detections in Q1. Adware, Trojan and Generic malware remain the most common detections for businesses and consumers alike.
- Ransomware is growing in prevalence. Ransomware was ranked the fourth most common threat detected in APAC, and has gained rapid momentum among business targets, with an increase of 30% in detections from Q4 2018 to Q1 2019. Compared to the same time last year, business detections of ransomware have risen by over 325%, driven by rogue WannaCry infections still spreading through unpatched systems in the APAC region.
- Crypto mining is on the decline. Between Q4 2018 and Q1 2019, there was a drop of 33% in consumer miners. Compared to the same period the previous year, there has been a nearly 80% drop in consumer miner detections. A reverse trend was observed in businesses, which saw a rise of 77% in business miners between Q4 2018 and Q1 2019, and a 42% rise in business miner detections year on year. Overall, crypto mining detections have been observed to slow down.
- Emotet also continues to target enterprises. Businesses are the prime target. The overall detections of Emotet on businesses have risen almost 200% from the previous quarter, and consumer detections have also shown a significant increase of 170%. In total, Emotet detections have shown a 230% increase between Q4 2018 and Q1 2019.
- Backdoor Vools have been replaced by viruses. Last year, backdoor Vools utilizing Eternal exploits were observed breaking into networks. Since the beginning of the year, Vools have seen a drop of 88% in detections of backdoors on businesses. In place of this threat is an increase in the use of viruses, or file infectors, which modify executable files on the system and execute malicious code when launched. The use of viruses, essentially setting up more backdoors, is something worth noting for businesses and consumers, who are showing distrust towards the way organisations handle their data.
- Globally, the APAC region comes in third place for the total number of detections. A total of 14.1m malware detections were observed in APAC in Q1 2019, with Backdoors, Viruses, Exploits and Android Backdoors & Monitors as the top malware detected. APAC comes in third place behind NORAM (19.84m) & EMEA (19.8m). Among countries in APAC, Malaysia, which ranks seventh in APAC, sees Trojans, Ransom, Adware and Generic malware as the top malware detected in the country; Hong Kong, with Adware Trojan and Machine Learning / Generic / RiskwareTool as its top malware detected, ranks at number fifteen in APAC.
The full Cybercrime Tactics and Techniques Report is available here.