Ransomware, Flash Malware on the rise in 2015 – beware
As per the latest Intel Security’s McAfee Labs report, Adobe Flash multimedia malware attacks and ransomware have surged.
Adobe Flash malware has grown 317 percent as the attackers have started to focus on the vulnerabilities of Adobe Flash. This has been fueled by the increased growth of Adobe Flash, increase in Adobe Flash supported devices, difficulty in detecting Flash exploits and delay in applying the available patches.
The report mentions that Forty-two new Adobe Flash vulnerabilities were submitted to the National Vulnerability Database in Q1 and Adobe released fixes on the same day when the vulnerabilities were reported.
“With the popularity of a product like Flash, there comes a tremendous responsibility to proactively identify and mitigate security issues potentially threatening millions of users. This research nicely illustrates how the tech industry works together constructively to gain an advantage in the realm of cybersecurity – industry partners sharing threat intelligence, and technology providers acting on information quickly to help prevent potential issues.” said Vincent Weafer, senior vice president, McAfee Labs.
“We at Intel take hybrid software-hardware threats and exploits seriously. We have closely monitored both academic proofs of concept and in-the-wild cases of malware with firmware or BIOS manipulation capabilities, and these Equation Group firmware attacks rank as some of the most sophisticated threats of their kind. While such malware has historically been deployed for highly-targeted attacks, enterprises should prepare themselves for the seemingly inevitable ‘off-the-shelf’ incarnations of such threats in the future.”, continued Weafer.
Along with this, McAfee Labs registered a 165 percent increase in the new, hard-to-detect CTB-Locker ransomware family called Teslacrypt. McAfee Labs attributes CTB-Locker’s success to clever techniques for evading security software, higher-quality phishing emails, and an “affiliate” program that offers accomplices a percentage of ransom payments in return for flooding cyberspace with CTB-Locker phishing messages.
To protect the devices, keep them updated with latest OS patches and/or the security software updates.