Report: Threat of Emotet and Ryuk

Experts at cyber security firm Cypher conducted a study on Portuguese domains during 2019 and concluded that Emotet and Ryuk were the most active threats

Emotet, the most widespread malware worldwide and Ryuk, a ransomware type, are growing threats and real concerns for businesses and internet users in 2020. This is the conclusion of a study by Cipher Portugal, which studied Portuguese domains during 2019.

This study also concludes that a total of 377 Portuguese domains to spread different types of malware in the same period.

Analyzing the general distribution of the compromised domains, grouped by category, it is possible to verify that the most affected were as follows: professional/companies (20.2%), personal (13.5%), retail (12.7%) and industry (11.9%).

Social media/communication organizations, health care and non-profit organizations were less impacted. It was also possible to conclude that Emotet was the most widespread Malware worldwide and it has been enhanced with new capabilities that include the Ryuk Ransomware. This enhancement appeared in the middle of September 2019.

Ryuk infects computers by encrypting all local and shared files, not allowing the user’s access without paying the ransom. This ransomware is difficult to stop and does not have known execution flaws at the present time.

“We live in an era where we increasingly hear about malware and the impact it has on companies and people. The term malware has been gaining prominence as a result of the wave of malware and phishing campaigns that anyone is subject to”, says Cipher. “Portugal still lacks information about compromised Portuguese domains (.pt) and the kind of the malware used to perform these attacks. This report pretends to show how the .pt domains were used in malware campaigns, through the analysis of the first to the third quarter of 2019,” he concludes.

Malware is malicious software intended to wreak havoc and damage on target networks and systems, having the ability to spread on these systems while remaining undetectable, avoiding antivirus detection, causing changes and critical damage to the infected systems or networks.

DOWNLOAD FULL REPORT

For additional technical studies, visit Cipher Labs.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – malware, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]