The report found that even though ransomware detections was up in 2017, by 90% for businesses and 93% for consumers, development of new types and delivery methods slowed considerably, especially in the final quarter.
Cybercriminals ramped up deployment of banking Trojans, spyware and hijackers to attack companies. The report records a 40% increase in hijackers and 30% increase in spyware detections in 2017. The second half of the year also marked a 102% increase in banking Trojan detections.
In parallel to the use of cryptocurrency for legitimate trades and purposes, cybercriminals have been deploying cryptomining tools with the help of victim system resources, including compromised websites serving drive-by mining code.
“The ransomware industry is based on a solid and sustainable business model that allows cybercriminals to make easy money without much effort and almost no risk of being halted,” said Ilia Kolochenko, CEO of web security company High-Tech Bridge. “The growing popularity of cryptocurrencies facilitates safe and untraceable payments by the victims.”
The report also speculates about trends in 2018.
“We realise making predictions about cybercrime is a bit more art than science, but when we look back over years of patterns and data and experience, we can make some educated guesses about where we think this is all going,” it says.
Malwarebytes predicts that cybercriminals who developed new tools to take advantage of IoT with spam-spreading botnets and DDoS attacks in 2017 will set their sights on large organisations, like airline companies and power utilities, demanding a ransom to call off an army of botnet-infected IoT devices.
However, instead of encrypting files, the attacks will disrupt business operations until payment has been made.
“I think the ransomware business model will dominate the realm of cybercrime for the next few years at least.” Ilia Kolochenko, CEO, High-Tech Bridge
Kolochenko agrees that ransomware will continue to be a major problem this year. He expects “a steady growth of ransomware attacks in 2018. Moreover, the competition among hacking teams will also increase, pushing some of them to invent new attack vectors and search for new victims.
“We have already seen campaigns against mobile phones and smart objects including smart TVs, websites and even industrial control systems. I think the ransomware business model will dominate the realm of cybercrime for the next few years at least.”
Drive-by mining and skyrocketing values are encouraging cryptomining among both users and criminals alike, the Malwarebytes report also observes. Faced with continued volatility in the cryptocurrency market, an evolution of drive-by mining tools, new mining platforms (such as Android and IoT devices), and new forms of malware designed to mine and/or steal cryptocurrency is likely.
