McAfee Labs recently published their Threats Report for June 2018, shedding light on the latest investigative research and threat trend statistics from the first quarter of the year. One of the most alarming findings was the dramatic increase in coin miner malware, which surged by 629% in Q1 to over 2.9 million samples.
Apart from the rise in coin miner malware, the report also delved into the intricate nation-state threat campaigns orchestrated by financially and politically motivated criminals targeting users and enterprise systems globally.
The criminals behind these campaigns are becoming increasingly innovative and adept at evading detection and mitigation. They are constantly evolving their attack strategies and techniques, making it challenging for cybersecurity professionals to stay one step ahead.
One of the notable campaigns highlighted in the report is Gold Dragon, a sophisticated form of fileless malware that is designed to evade detection by monitoring processes associated with anti-malware solutions. Additionally, the Lazarus cybercrime group resurfaced with a new phishing campaign called HaoBao, targeting global financial organizations and Bitcoin users.
The report also sheds light on the GhostSecret campaign, believed to be linked to the notorious cybercrime group Hidden Cobra. This campaign employs a series of implants to steal data from infected systems while remaining undetected and elusive to forensic investigators.
Furthermore, the report points out a shift in tactics employed by cybercriminals from PowerShell to LNK in Q1 2018. While there was a significant drop in PowerShell exploits (77%), there was a noticeable increase in LNK malware (59%), showcasing the adaptability and resourcefulness of bad actors in the cyber realm.
In conclusion, the Threats Report for June 2018 underscores the relentless efforts of cybercriminals to enhance their malicious activities and evade detection. It serves as a stark reminder of the ever-evolving nature of cybersecurity threats and the importance of staying vigilant and proactive in safeguarding digital assets and information.