Eurasian cyber criminals enjoy permissive operating environments in Russia and other former Soviet republics. Qakbot and TrickBot are used to form botnets and are developed and operated by Eurasian cyber criminals known for using or brokering botnet-enabled access to facilitate highly lucrative ransomware attacks. The most prolific malware users of the top malware strains are cyber criminals, who use malware to deliver ransomware or facilitate theft of personal and financial information.

Malicious actors’ use of known malware strains offers organizations opportunities to better prepare, identify, and mitigate attacks from these known malware strains. Updates made by malware developers, and reuse of code from these malware strains, contribute to the malware’s longevity and evolution into multiple variations. Malicious cyber actors have used Qakbot and Ursnif for more than a decade. Malicious cyber actors have used Agent Tesla, AZORult, Formbook, LokiBot, NanoCore, Remcos, and TrickBot for at least five years.

The top malware strains of 2021 are: Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader.

These mitigations include applying timely patches to systems, implementing user training, securing Remote Desktop Protocol (RDP), patching all systems especially for known exploited vulnerabilities, making offline backups of data, and enforcing multifactor authentication (MFA).

The most prolific malware users are cyber criminals, who use malware to deliver ransomware or facilitate theft of personal and financial information. CISA and ACSC encourage organizations to apply the recommendations in the Mitigations sections of this joint CSA. Most of the top malware strains have been in use for more than five years with their respective code bases evolving into multiple variations.
In 2021, the top malware strains included remote access Trojans (RATs), banking Trojans, information stealers, and ransomware. Some examples of malware include viruses, worms, Trojans, ransomware, spyware, and rootkits. Malicious cyber actors often use malware to covertly compromise and then gain access to a computer or mobile device. Malware, short for “malicious software,” can compromise a system by performing an unauthorized function or process.

This advisory provides details on the top malware strains observed in 2021. This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC).

Immediate Actions You Can Take Now to Protect Against Malware:
- Provide end-user awareness and training about social engineering and phishing.
- Secure Remote Desktop Protocol (RDP) and other risky services.
- Enforce multifactor authentication (MFA).
- Patch all systems and prioritize patching known exploited vulnerabilities.