Skip to main content

Malware over SSL up 60 per cent in half a year

(Image credit: Photo Credit:

Malicious threats using SSL encryption have seen a huge boost in popularity among cyber criminals this year, new research has found.

The ThreatLabZ report from security firm Zscaler revealed that an average of 60 per cent of the transactions in the Zscaler cloud have been delivered over SSL/TLS. The Zscaler cloud saw an average of 8.4 million SSL/TLS-based security blocks a day this year. 

New malicious payload distribution has also been spotted, based on unique payloads that were spotted in the Zscaler Cloud Sandbox. Most payloads included Trojans (60 per cent), with ransomware sitting at number two with 25 per cent. Other notable mentions include Infostealer Trojan families. 

“Hackers are increasingly using SSL to conceal device infections, shroud data exfiltration and hide botnet command and control communications. In fact, our study found that the amount of phishing attempts per day delivered over SSL/TLS has increased 400 percent from 2016,” said Deepen Desai, senior director, security research and operations. 

“SSL inspection is a necessity in ensuring the security of network traffic in the enterprise. Zscaler sits between users and the internet, inspecting every byte of traffic, including encrypted traffic, so we can catch hidden threats before they get into the network.”

The report also states that the Zscaler cloud blocked an average of 12,000 phishing attempts daily, over SSL/TLS, representing a 400 per cent jump compared to 2016. Also, new and ‘increasingly sophisticated’ malware strains employ SSL to encrypt their C&C mechanics. 

The infographic with all the findings can be found on this link. 

Photo Credit:

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.