Malware Less Common in Q2, Still Top Attack Method

Despite malware attacks becoming less common since Q1 2018, they are still the top attack method, according to new research from Positive Technologies.

In its Q2 2018 Cybersecurity Threatscape, Positive Technologies found that the number of unique cyber incidents grew by 47% from the same period last year, while malware attacks dropped from 63% in Q1 to 49% in Q2. Credential compromises more than doubled between Q1 (7% of all attack methods) and Q2 (19%).

The report also found that most unique cyber incidents were targeted attacks on companies, their clients and cryptocurrency exchanges. Attackers used malware and made efforts to exploit zero-day vulnerabilities. Additionally, they leveraged social engineering tactics to steal administrator passwords and accessed partner companies in pursuit of their targets.

Both May and June saw twice as many attacks as were reported in Q1 2017. During Q2, hackers stole more than $100 million from cryptocurrency platforms. In addition to cryptocurrency, attackers were also out to obtain data in the second quarter of 2018. In fact, in 40% of the attacks, obtaining information was the apparent motivation, while 39% of attackers were conducted for financial gain. Most often, attackers compromised online platforms and e-commerce sites to steal personal data, credentials and credit cards.

Information is in high demand on the dark web, with a reported 59% of the supply offered consisting of users credentials. With the stolen credentials, attackers can access a variety of sites and services, including banks.

“We took a look at which information attracted hackers the most in Q2 2018. At the top of the list are personal data (30%) and account credentials (22%), such as for online banking. Credit and debit card information (15%) was obtained most often by using spyware or via compromised websites,” Positive Technologies wrote.

Targeted attacks against companies and organizations represented 54% of the total Q2 2018 attacks, though only 15% of attacks were against government. Infrastructure was the target of 44% of attacks this second quarter, while attacks on web resources grew nearly 10 points from 23% in Q2 2017 to 32% in 2018.