WEI Tech Exchange

With the wide range of reported cybersecurity incidents and hackers getting more creative than ever before, there is no shortage of threats to the modern enterprise. IT managers must not only secure current data and systems, but preemptively protect against ongoing future threats, which are constantly evolving. While there are well-known versions of malware, “Tellingly, WatchGuard’s inaugural Internet Security Report found that some 30 percent of malware in Q4 was new, or ‘zero day.’ (Not to be confused with zero-day exploits.) In other words, one-third of malware identified wouldn’t be caught by legacy antivirus solutions,” according to PYMNTS.

How can you predict the next instance of malware and make sure your antivirus solutions are up to date? Check out these new reports of malicious software that have been keeping IT managers up at night for advice on what to look for.

New malware instances you need to know about

1. FalseGuide Malware on the Google Play Store

Recently, security researchers at Check Point found something alarming: a new malware called FalseGuide was buried in more than 40 apps on the Google Play Store, with some of them becoming infected as early as November 2016. While the thought of having malware embedded in your favorite games is scary, the idea that malware could be hidden in productivity apps and others used during business is downright dangerous. While the offending apps have been removed and restored, it’s a wakeup call for organizations allowing BYOD, and using apps to connect with team members, vendors and customers.

The worst types of malware are those that invest in building a relationship with the target, then launch a campaign to steal their information; Charming Kitten is one hacker group to be aware of. A threat organization that originated in 2011 and is also known as Newscaster or NewsBeEF, it uses fake profiles on social media to target its victims.

By pretending to be journalists, the hackers infiltrate your organization and build your trust. Then, they attack using, “A type of malware known as a ‘wiper’ - malware designed to delete files or systems,” according to The Hill. “StoneDrill embeds itself onto the memory used by a running web browser. It is designed to delete vast swaths of files, but will make a specific effort to delete any files with names beginning with ‘asdhgasdasdwqe’ followed by numbers.” The significance of the numbers is not known, and this malware has mainly been targeting the military.

A frightening new piece of malware with questionable political ties, the so-called ‘NSA malware’ was released by the Shadow Brokers hacker group, and they claimed it originated from the NSA. While the NSA has not commented on this allegation, the malware appears to have foreign ties and a political agenda. Luckily, this attack did not appear to be focused on U.S. enterprises, but could have affected those that do business overseas.

According to the BBC, “The malware analyzed by Symantec had been used to infect computers in Europe, Asia and the Middle East.” Symantec said of the malware, “On one occasion a computer in the United States was compromised but, following infection, an uninstaller was launched within hours, which may indicate this victim was infected unintentionally.” If you keep your data abroad or conduct business internationally, the ‘NSA malware’ is one to look out for.

NEXT STEPS: Although the threat of malware is always present, there are many things you can do to protect your enterprise. Start with our free security and threat prevention assessment to uncover any potential vulnerabiltiies in your network, and get a list of recommendations from our certified engineers.