In 2019, the number of unique malicious objects (malware) detected by Kaspersky's online antivirus solutions increased by an eighth, compared to the previous year — reaching 24.610.126. This growth is mainly due to the 187% increase in web skimmers files. Other threats, such as backdoors and banking Trojans detected in the lab, also increased, while the presence of miners was halved.
These trends demonstrate a shift in the type of threats used by online attackers who are looking for more effective ways to target users, according to a Kaspersky report with statistics data of the year.
Το 2018, τα μοναδικά κακόβουλα αντικείμενα (συμπεριλαμβανομένων σεναρίων, exploits και εκτελέσιμων αρχείων) που εντοπίστηκαν από τη web antivirus λύση της Kaspersky άγγιξαν τις 21.643.946, ενώ φέτος έφτασαν τις 24.610.126.
This growth represents an increase in the number and variety of HTML pages and scripts with hidden data – typically used by unscrupulous advertisers. However, more specifically, the increase was also partially driven by online skimmers (sometimes referred to as 'sniffers') – where scripts are embedded by attackers into online stores and used to steal users' credit card data from websites.
The increase in the unique files of online skimmers (scripts and HTML) detected by Kaspersky solutions reaches 187%, reaching 510.000.
At the same time, the number of malware detected increased fivefold (an increase of 523%) to 2.660.000 in 2019. Web skimmers also entered the top 20 malicious items detected on the internet, taking 10th place in the overall ranking.
The share of new backdoors and banking Trojan files, among all types of threats detected in the lab, also increased by 134% and 61% to reach 7.644.402 and 739.551 respectively.
The presence of cryptocurrency programs on users 'computers (called "local" miners) has also declined steadily over the year: the number of users' computers affected by attempts to install cryptocurrency programs has dropped by 59%, from 5.638.828 .2.259.038 to XNUMX.
“The volume of online attacks αυξάνεται εδώ και χρόνια, αλλά το 2019 είδαμε μια σαφή μετατόπιση από ορισμένους τύπους επιθέσεων που καθίστανται αναποτελεσματικές, σε εκείνες που επικεντρώθηκαν στην απόκτηση σαφούς κέρδους από τους χρήστες. Αυτό οφείλεται εν μέρει στο ότι οι χρήστες αποκτούν μεγαλύτερη επίγνωση των απειλών και πώς να τις αποφεύγουν, και οι οργανισμοί καθίστανται σταθερά πιο υπεύθυνοι. Ένα καλό παράδειγμα είναι τα προγράμματα εξόρυξης κρυπτονομισμάτων, τα οποία έχασαν τη δημοτικότητά τους λόγω της χαμηλότερης κερδοφορίας και της μάχης των κρυπτονομισμάτων ενάντια στη συγκεκαλυμμένη εξόρυξη. Φέτος, παρακολουθήσαμε επίσης την αύξηση των zero-day exploits, δείχνοντας ότι τα προϊόντα παραμένουν ευάλωτα και χρησιμοποιούνται από τους επιτιθέμενους για εξελιγμένες επιθέσεις, και αυτή η τάση είναι πιθανό να συνεχιστεί στο μέλλον», αναφέρει ο Vyacheslav Zakorzhevsky, Head of Anti-Malware Research στην Kaspersky.
Verdict |
%* |
||||
1 | Malicious URLs | 85.40% | |||
2 | Trojan.Script.Generic | 5.89% | |||
3 | Trojan.Script.Miner.gen | 3.89% | |||
4 | Trojan-Clicker.HTML.Iframe.dg | 0.65% | |||
5 | Trojan.BAT.Miner.gen | 0.26% | |||
6 | Trojan-Downloader.JS.Inor.a | 0.22% | |||
7 | Trojan.PDF.Badur.gen | 0.21% | |||
8 | DangerousObject.Multi.Generic | 0.21% | |||
9 | Trojan-Downloader.Script.Generic | 0.17% | |||
10 | Trojan-PSW.Script.Generic | 0.15% | |||
11 | Trojan.Script.Agent.gen | 0.15% | |||
12 | Hoax.HTML.FraudLoad.m | 0.13% | |||
13 | Exploit.Script.Generic | 0.08% | |||
14 | Trojan.Script.Agent.bg | 0.07% | |||
15 | Trojan.Multi.Preqw.gen | 0.06% | |||
16 | Exploit.MSOffice.CVE-2017-11882.gen | 0.06% | |||
17 | Trojan-Downloader.JS.SLoad.gen | 0.05% | |||
18 | Hoax.Script.Loss.gen | 0.05% | |||
19 | Trojan.JS.Miner.m | 0.05% | |||
20 | Trojan-Downloader.VBS.SLoad.gen | 0.04% |
*Share of all attacks Internet Malware (malware) that detectsthey were on users' computers
More information can be found on the dedicated website Securelist.com.
To stay protected, Kaspersky recommends the following:
- Pay close attention and do not open suspicious files or attachments you receive from unknown sources.
- Do not download and install applications from unreliable sources.
- Do not click on links received from unknown sources and suspicious web ads.
- Make strong passwords and do not forget to change them regularly.
- Always install updates. Some of them may contain fixes for critical security issues.
- Ignore messages asking you to disable security systems for office software or antivirus software.
- Use a strong security solution suitable for your system type and your devices.