2018 In-Review: Ransomware Bites Less, But Still A Malware To Recon With

The threat of Ransomware is becoming lesser this year 2018 compared to last year, as virus authors focused their energies in developing cryptocurrency mining malware AKA cryptojacking virus, the former is still a huge problem worldwide. There are still a lot of potential victims, most enterprises and individual users that don’t have a reliable backup system implemented. The payment of ransom to these threat actors for the hope to recover from their encrypted files locked by the ransomware continues, it is like the goose laying the golden egg for the virus authors.

This does not happen with the cryptojacking malware, such type of virus operates from the background, stealing GPU/CPU cycles as it attempts to process the crypto hashes. It is however very difficult to mine cryptocurrency than outright ask the victims to pay the ransom. It is more of a virtual gamble for a cryptojacking malware to one day successfully mine a few Monero-coins, their favorite cryptocurrency using stolen CPU/GPU cycles.

Bitdefender, a mainstream antimalware vendor underscored the importance of being alert and not lessening user’s awareness about the existence of ransomware in the wild. They will continue to victimized computers that have no patch installed, just like WannaCry made headlines for taking advantage of EternalBlue bug in 2017.

“We still record copious numbers of infections daily, but the good news is ransomware is no longer growing – it’s plateauing. One reason is already well documented: ransomware has taken a back seat to cryptojacking in the past year as bad actors developed a taste for stealing computing power to generate digital currency while flying under the radar. But an even heftier factor behind ransomware’s stagnation is the emergence of dedicated solutions aimed directly at thwarting this form of malware. There will always be new versions of ransomware, some more complex than others and some harder to catch, but we don’t expect ransomware to take on much bigger proportions,” explained Bitdefender spokesperson in their official blog.

Aside from ransomware, Bitdefender also highlighted the resurgency of Office Macro viruses next year, 2019. Unlike the old technique of simply autoexecuting malicious scripts as part of the default template (which was hijacked by the malware), 2019 macro viruses will depend on trust. This is by executing an effective social engineering strategy against a specific victim, also called spearphishing. Windows has expanded its scripting feature, including accessibility of the Registry through Powershell instead of the old Command Prompt. This enables Macro viruses to call Powershell for features that VBA (Visual Basic for Applications) cannot provide, enabling more complex macro viruses for the future.

Companies operating in the EU-member states and/or serving European citizens must always take note that they are always being watched by the European Commission through GDPR. 2019 marks the first anniversary of the full implementation of General Data Protection Regulation, took effect starting May 25, 2019, no company are exempted. Facebook and Google, two giant tech companies today are in fact under investigation for violation of user privacy and expected to be fined soon (Facebook already fined $500,000 initial, for the Cambridge Analytica fiasco).