Malicious Android Apps and Ransomware dominates Q1 Threatscape
mai 2016 par Proofpoint
Proofpoint is releasing it Quarterly Threat Report which analyses threats, trends and transformations they have seen within our customer base and in the wider security marketplace across the last three months. Each day, Proofpoint analyzes more than one billion email messages, hundreds of millions of social media posts, and more than 150 million malware samples to protect people, data, and brands from advanced threats.
Key findings from the study include :
98% of all malicious mobile apps examined in Q1 targeted Android devices. This remains true despite the high-profile discovery of an iOS Trojan and the continuing presence of risky iOS apps and rogue app.
75% of impostor email phishing attacks relied on “reply-to” spoofing to trick users into thinking messages were from someone in authority. Impostor email threats are increasingly mature and specialized and they are one of the biggest threats targeting organisations today. It is estimated $2.6 billion has been lost to the vector in the last two years.
Ransomware vaulted into the top ranks of malware most preferred by cyber criminals. 24% of email attacks based on attached document files in Q1 featured the new Locky ransomware. Dridex was the only malware payload used more frequently.
Email continues to be the top threat vector, and malicious message volume rose sharply. Q1 volume increased by 66% over Q4 2015—and more than 800% over the year-ago quarter. Dridex accounted for 74% of total attachment-based malicious email volume.
Every major brand Proofpoint examined increased social media content by at least 30%. As the volume of fan- and brand-generated content increases, higher risk follows. Businesses are constantly challenged to protect their brand reputation and stop spam, pornography, and adult language from diluting their message.
Java and Flash Player vulnerabilities continue to pay dividends for cyber criminals. Angler was the most used exploit kit, accounting for 60% of total exploit kit traffic. Neutrino and RIG exploit kit use was also up with increases of 86% and 136%, respectively.