April 25, 2019

Malwarebytes Q1 Cybercrime Report: Emotet and Ransomware Attacks Renew Focus on Enterprise; Trojan Detections Grow 200 Percent

SMBs Face Greatest Risk as Overall Business Detections Grow 235 Percent

Santa Clara, CA – April 25, 2019 – MalwarebytesTM, the leading advanced endpoint protection and remediation solution, today announced the results of the Q1 2019 Cybercrime Tactics and Techniques report. The report is a culmination of data based on the Company’s unique threat analysis capabilities. Q1 showed a significant uptick in business ransomware detections (195 percent), along with continued momentum for Trojan variations by over 200 percent and a sharp decline in cryptomining.

Trusted as an authority on malware and threat analysis, Malwarebytes’ latest report shows an increasing trend of cybercriminals targeting businesses, and in particular SMBs, whose limited resources make them prime targets. This shift away from consumer targets demonstrates that cybercriminals are focusing on higher value targets with heavier stores of consumer data over individuals. This quarter, a new section on data privacy has been added to the report, detailing the habits and sentiments of consumers on their data amidst the evolving threat landscape, as well as businesses’ lax practices for protecting that data.

“Consumers might breathe a sigh of relief seeing that malware targeting them has dropped by nearly 40 percent, but that would be short-sighted,” said Adam Kujawa, director of Malwarebytes Labs. “Consumer data is more easily available in bulk from business targets, who saw a staggering 235 percent increase in detections year-over-year. Cybercriminals are using increasingly clever means of attack to get even more value from targets through the use of sophisticated Trojans, adware and ransomware.”

Highlights from the report include:

  • The US leads in global threat detections at 47 percent, followed by Indonesia with nine percent and Brazil with eight percent.
  • Businesses are the prime target. Overall detections of threats to businesses have steadily risen. They increased by about seven percent from the previous quarter, while consumer detections declined by nearly 40 percent. Compared to Q1 2018, business detections have skyrocketed 235 percent.
  • Ransomware is back to business. Ransomware has gained rapid momentum among business targets with an increase of 195 percent in detections from Q4 2018 to Q1 2019. Compared to the same time last year, business detections of ransomware have seen an uptick of over 500 percent, due in large part to a massive attack by the Troldesh ransomware against US organizations in early Q1.
  • Emotet also continues to target enterprises. Emotet has made a total shift away from consumers, reinforcing the intent of its creators to focus on enterprise targets, except for a few outlier spikes. Detections of Trojans (Emotet’s parent category) on business endpoints increased more than 200 percent since Q4, and almost 650 percent from the same time last year.
  • Cryptomining against consumers is essentially extinct. Marked by the popular drive-by mining company CoinHive shutting down operations in March, consumer cryptomining dropped by 79 percent for consumers compared to the same time period last year.
  • Mobile Mac devices are increasingly targeted by adware. While Mac malware saw a more than 60 percent increase from Q4 2018 to Q1 2019, adware was particularly pervasive, growing over 200 percent from the previous quarter.
  • Exploit authors developed some flashy techniques. A new Flash Player zero-day was discovered in Q1 and quickly implemented into popular exploit kits, including Underminer and Fallout EK, as well as a new exploit kit called Spelevor.

The full Cybercrime Tactics and Techniques Report is available at: https://resources.malwarebytes.com/resource/cybercrime-tactics-techniques-2019-q1-report/

To read more about Malwarebytes’ latest findings, visit our blog, follow us on Twitter, or check us out on LinkedIn.

About Malwarebytes Malwarebytes is trusted to protect people and businesses against the latest dangerous cyberthreats including malware, ransomware and exploits that traditional antivirus solutions fail to catch. Malwarebytes’ offers comprehensive defense and recovery technologies to safeguard devices whether at home or in the office, enabling users to protect themselves anywhere, anytime. Malwarebytes’ team of researchers and security experts protect more than 60,000 businesses and millions of people worldwide, combatting more than 8.8 million threats daily using artificial intelligence and machine learning to identify behavior and catch new threats


Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.