Winter is here, which makes it the perfect time to talk about viruses. Computer viruses, that is. We’ve already provided you with computer security tips for your workplace as a preventative measure, but we also think it’s a good idea for you to know the enemy. Today, we’re taking a look at the computer contagions to watch out for in the year ahead.
5 Malicious Programs to Look Out for in 2020 and Beyond
1. Astaroth Trojan
Known for its capability to exploit vulnerable processes in antivirus software, Astaroth Trojan has been around for over two years but it’s been updated to give it new life in 2019. The new variant is utilizing modules in common cybersecurity software to steal online credentials and personal data.
Astaroth Trojan is a sneaky beast, disguising itself as image and GIF files to infect computers and, as of September 2019, Security Intelligence reports that it is now using Facebook and YouTube profiles to support its infection chain. Astaroth Trojan’s capacity for adapting to and exploiting antivirus programs makes it one to watch in 2020, as another new strain is a near certainty.
2. REvil
REvil, also known as Sodinokibi, is receiving a lot of press as we wind down 2019. It’s not so much because of the havoc it’s been wreaking around the world (although significant) but because it is reportedly the follow-up to one very successful ransomware attack from earlier in the year - GandCrab.
The hacking group which created GandCrab made away with over 2 billion dollars worth of cryptocurrency in less than one month before it shut down. It seems greed got the best of the group, as they have returned with REvil to revel in their knack for creating malicious programs.
REvil accesses computer systems through malvertising, which is as it sounds - an attack that is initiated when users think they’re clicking legitimate online advertisements. In some cases, the hackers have been able to deliver ads based on user profile interests to increase the click-through rate, namely through Twitter.
Other REvil attack vectors occurring in the tail end of 2019 include server exploits and phishing campaigns. Whether REvil survives the year or not is beside the point, as the hacking group is expected to continue with their malvertising exploits into 2020. Be mindful.
3. Spidey Bot
Your Spidey senses should be tingling because there is a new form of malware that is affecting an online chat app at this very moment. Known as Spidey Bot, the program (when initiated) is able to copy the first 50 characters from a user’s Windows clipboard. Those characters may contain sensitive information such as a password and may allow the program to create a backdoor into a computer system so that more malware can infiltrate.
At press time, only users of the gaming-centric Discord app have cause for concern, but because the chat app is very similar in nature to programs such as Skype, TeamSpeak, Slack, and other professional communications platforms, there may be a new variant coming for your business’s communications tool. Consider a switch to more secure MS Office 365 platforms such as Teams with SharePoint.
4. Emotet
This is another one that has been around for a few years, went dormant, then resurfaced with a new strain here at the end of 2019. Emotet is commonly spread in Microsoft Word documents, but also via embedded URLs in email phishing. The malware is best known for its dirty deeds overseas but has been spotted in Florida and may be working its way to Canadian soil.
The malicious campaign is luring in victims with craftily worded subject lines such as 'Payment Remittance Advice' and 'Overdue invoice', and when the infected document is clicked, a macro is initiated to download Emotet from a compromised WordPress site. Time to give your staff a refresher course on clickbait and phishing prevention.
5. The One No One Knows About…Yet
At SecTor 2019, Canada's Premier IT Security Conference, which runs each year in October, speaker Solomon Sonya succinctly stated:
“Tomorrow’s attacks will be asymmetrical and unconventional”.
The Asst. Professor of Computer Science was right. It will be difficult to predict what new malicious program will rear its spiteful head in 2020. Its authors will find ways around IT security measures in place and exploit vulnerabilities unless your cybersecurity protocol includes tools that leverage artificial intelligence (AI) and machine learning.
Remember, traditional antivirus software is no longer enough to protect against threats, so you need advanced endpoint threat protection that is backed by AI and machine learning to keep a step ahead.
Fully Managed offers that protection, and more. Learn more about the FM Security Solution and be sure to contact us today before one of the contagions addressed above (or others) infects your computer systems.