World Cup may have distracted malware hackers

null

This holiday season, together with the 2018 World Cup that took place in Russia, may have lulled hackers, cyber security researchers are claiming.

New research from Cofense says that the distribution of TrickBot saw a significant drop during the World Cup.

TrickBot is a banking malware known by constantly being updated and transformed. From April, up until June, it saw sustained and increasing attacks. However, as the end of July approached, TrickBot’s phishing lures became ‘incredibly simplistic’.

Cofense says this can be explained by the World Cup and the holiday season distracting TrickBot’s operators, TrickBot phishing emails being spread by a group with fewer resources, or TrickBot’s operators using the time to curate malware.

“Attackers will continue to improve their software to ensure a successful infection, thus emphasising the importance of understanding these potentially harmful attacks,” explained Aaron Higbee, Co-Founder and CTO of Cofense.

“Our findings highlight the crucial need for incident responders and network defenders to devise an appropriate response plan for high-impact phishing campaigns. By empowering and educating users to recognise and report suspicious emails, organisations and enterprises can avoid falling victim to attacks on their infrastructure.” 

The researchers said Loki Bot with 19 per cent, Pony with 16 per cent and jRAT with 17 per cent were the dominating three malware families, with most volume.

Geodo’s threat escalated in the last few months, the report added, saying the Trojan was used as a loader for additional malware and multiple campaigns, as well as a malware downloader.

Photo Credit: andriano.cz/Shutterstock