Please fill in the form below to subscribe to our blog

Ransomware Isn’t the Only Malware Threat Companies Face

February 18, 2022

Other Types of Malware Are Surging, Imperiling Businesses


While ransomware may get the bulk of the press attention when it comes to cybersecurity, it’s not the only malicious software game in town. Other types of malware can also cause businesses harm, and the chance that a company will come into contact with one of them, or fall victim to an infection, is higher than ever. Malware threats can arrive through a variety of sources including SMS, social media, and chat but the most likely way that a company’s employees will come into contact with malware is through a phishing email and that is not good news for businesses. 


a cartoon image of hands with fingers pointed at an embarrased-looking white woman with a brown bob in professional clothing

Your company’s top security risk is already inside the building. Learn how to fix it with The Guide to Reducing Insider Risk. GET IT>>


Malware is A Growth Industry


Both phishing email volume and malware attack volume ballooned in 2021, with no end to that growth in sight. The UK Information Commissioner’s Office (ICO) recently announced that it recorded a staggering volume of email attacks in 2021 amounting to a 2,650% surge in phishing. ICO detailed the significant growth noting that they counted 150,317 phishing attacks in January 2021, which dramatically increased to a startling 4,135,075 in December 2021, demonstrating that increase. The bulk of those email attacks were spam, with a 2,775% increase in malicious spam noted between January and December 2021. Phishing messages made up the second-largest set, climbing 20% between January and December 2021 with a notable surge toward the end of the year. 

But a hefty chunk of those phishing attacks contained malware. ICO recorded a 423% increase in malware attacks in 2021. The malware problem that companies face has been a steadily growing issue, with an 87% increase in malware infections recorded over the last decade. While a respectable amount of that increase can be chalked up to the rise of ransomware, other types of malware also played a role. Ten years ago, the number of detected malware types stood at 28.84 million. By 2020, that number had ballooned to nearly 678 million varieties and that total is still rising.  


Learn 5 red flags that could indicate a malicious insider is at work in your organization! DOWNLOAD INFOGRAPHIC>>


What the Heck is Malware Anyway? 


“Malware” is a term spawned from a mashup of “malicious software”. That’s what malware is; malicious software that enters an environment or machine and forces unwelcome changes to the way those things operate. Ransomware is a flavor of malware, but not all malware is ransomware. Malware hews to one of three general formats based on how the malicious software does its dirty work. While these three types do not categorize all malware, most of it fits in one of these boxes: 

  • Trojans are the most common variety of malware that IT teams will encounter accounting for more than 50% of all infections. This type of malware masquerades as harmless software and can initiate a variety of attacks on systems. Some trojans are aided by human action while others function without user intervention.  
  • Viruses are the second most common species of malware,  responsible for a little over 10% of total malware infections. Similar to a real-life virus, this type of malware attaches itself to benign files on a computer and then replicates, spreading itself and infecting other files. 
  • Worms are another type of malware behind about 10% of malware attacks. A worm is a standalone piece of malicious software that reproduces itself and spreads from computer to computer. Worms are designed to exploit operating system vulnerabilities. 

dark web economy represented by the words dark web in white on a black background blurred like a faint tv transmission

Are you ready to take back control of cyberattack risk from the villains on the dark web? This webinar shows you where to start. WATCH NOW>>


What Are the Common Varieties of Malware to Watch Out for Right Now?  


Malware is constantly evolving as it floats around, with certain strains going in and out of fashion based on their effectiveness. It’s pretty easy for cybercriminals to access malware cheaply or for free on the dark web or pay someone to spread it through a phishing campaign for them. That’s what major ransomware groups are doing with their affiliates; supplying a variety of malware, getting other people to run the operations for them and collecting a chunk of the profits from a successful hit.  The growth of the cybercrime-as-a-service economy has greatly contributed to the staying power of malware strains like these: 

Dridex 

Dridex is a variety of malware that concentrates on financial crimes. This banking malware targets the Windows platform. Dridex first appeared in 2012, and by 2015 it had become a prevalent financial Trojans. Typically, Dridex is distributed through phishing emails containing malicious Word or Excel attachments. Its goal is to enable cybercriminals to invade computers and steal banking credentials and other personal information that can be used to facilitate money transfers. One common way that a Dridex attack happens is through persuading an employee to open an email attachment. That malicious attachment is infected with Drydex malware. The attachment asks the recipient to take certain prompted, seemingly harmless actions like enabling macros. Those actions then download the malware and install it on the victim’s device. CISA says that legendary cybercrime organization group Evil Corps aka REvil are the originators of Dridex malware.  

Cybercriminals are using this malware right now, attaching it to emails that exploit people’s fears around the growth of the Omicron COVID-19 variant. In a currently active Dridex campaign, bad actors are sending their prospective victims phishing emails that are socially engineered to make them extremely appealing, using subject lines like “COVID-19 testing result”. Inside, the harmless-looking message informs the recipient that they are being notified that they were recently exposed to a coworker who tested positive for the Omicron COVID-19 variant. The recipient is instructed to open an Excel document to learn more. The email helpfully includes the relevant password-protected Excel attachment and the password needed to open the document – which of course is infected with Dridex malware.   


Be the hero that defeats a company’s security threats to declare victory over cybercriminals! GET THE GUIDE>>


Emotet 

Emotet is a sophisticated Trojan commonly functioning as a downloader or dropper of other malware. Like others of its type, Emotet is primarily spread via phishing email attachments and links that, once clicked, launch the payload. The US Cybersecurity Infrastructure Security Agency (CISA) warns that Emotet is difficult to combat because of its “worm-like” features that enable network-wide infections and its use of modular Dynamic Link Libraries to continuously evolve and update its capabilities. This variety of malware is notorious and its use waxes and wanes. In January 2021, authorities in Europe were able to gain control of Emotet ‘s infrastructure, shutting it down.  

But by December 2021, Emotet was ready to stage a comeback. Recently, researchers have warned that they’ve detected Emotet back on the scene operating through a new attack vector. This attack takes advantage of the fact that employees are constantly sending and handling Office 365 files. Cybercriminals capitalized on that by adding a few social engineering tweaks to make their Emotet-laden phishing messages seem like routine messages with routine attachments. In this scenario, victims receive an email containing an Excel file that includes a dangerous Excel 4.0 macro that when activated downloads and executes an HTML application. That application then downloads two stages of PowerShell to retrieve and deploy a poisonous payload: Emotet.  

Cybercriminals have been quick to evolve old strains of malware or develop new ones to do their dirty work.  Revenue in the malware industry has been steadily growing and is expected to reach 8 billion US dollars by 2025. An enormous rise in email volume has also played a role in making malware a go-to attack for bad actors. Over 92% of all malware is delivered by email, giving the bad guys plenty of opportunities to get their malicious messages into inboxes. Add to that the dependence that companies have on email and chat in the remote work era and businesses are looking at a recipe for disaster. 


malicious insider threats represented by a crime comic style blue eye looking through a peephole.

Are your systems and data really safe? Our Cybersecurity Risk Protection Checklist will help you find & fix vulnerabilities. GET IT>>


Reduce Your Company’s Risk for Malware Attacks Affordably 


If you’re looking for a solution to combat malware risk without breaking the bank, security awareness training is a perfect match. Not only does security awareness training reduce a company’s chance of experiencing a damaging cybersecurity incident by up to 70% it also reduces a company’s cost for dealing with phishing by an estimated 50%, saving your company money immediately and in the future.  

BullPhish ID is the ideal solution for the job. It’s packed with dynamic features that make the security awareness training experience painless for both trainees and IT professionals that are tasked with running it. Our newest iteration of Bull Phish ID streamlines the training process with automation and an array of content options that really shine when compared with similar solutions. 

15 new, up-to-date training videos on a variety of security and compliance topics including passwords, ransomware HIPAA compliance and more have just been added to our expansive content library, and we’ll be adding 4 new videos every month!   

8 new phishing kits have also been added to the array of options that are available now. Keep up with the latest threats by taking advantage of a steady stream of new plug-and-play or customizable phishing kits every month.  

Get a personalized demonstration of the newly retooled BullPhish ID today! 


Get ready to pack your bags for Connect IT 2022! Join us June 20-23 in Las Vegas for the industry’s premier event! REGISTER NOW>>