Report: Threat of Emotet and Ryuk

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats

Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019.

This study also concludes that a total of 377 Portuguese domains to spread different types of malware in the same period.

Analyzing the general distribution of the compromised domains, grouped by category, it is possible to verify that the most affected were as follows: professional/companies (20.2%), personal (13.5%), retail (12.7%) and industry (11.9%).

Social media/communication organizations, health care and non-profit organizations were less impacted. It was also possible to conclude that Emotet was the most widespread Malware worldwide and it has been enhanced with new capabilities that include the Ryuk Ransomware. This enhancement appeared in the middle of September 2019.

Ryuk infects computers by encrypting all local and shared files, not allowing the user’s access without paying the ransom. This ransomware is difficult to stop and does not have known execution flaws at the present time.

“We live in an era where we increasingly hear about malware and the impact it has on companies and people. The term malware has been gaining prominence as a result of the wave of malware and phishing campaigns that anyone is subject to”, says Cipher. “Portugal still lacks information about compromised Portuguese domains (.pt) and the kind of the malware used to perform these attacks. This report pretends to show how the .pt domains were used in malware campaigns, through the analysis of the first to the third quarter of 2019,” he concludes.

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks.

DOWNLOAD FULL REPORT

For additional technical studies, visit Cipher Labs.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – malware, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.