Antimalware Day: Five malware types plaguing 2020

First marked on 3rd November 2017, Antimalware Day was established by ESET to honor the work of researchers in information security, as well as those in the technology industry more widely. The date was chosen to celebrate the work of Frederick Cohen, who – on 3rd November 1983 – created self-replicating code, and his Ph.D. advisor Professor Leonard Adleman, who first named this code a computer virus.

A lot has changed in the 37 years since, with huge advances in both the malware used by cybercriminals and the technology used to fight against it. This Antimalware Day, ESET invites you to learn about five significant malware types threatening internet users in 2020.

1. Internet of Things (IoT) malware
As we increase our use of smart technology – whether voice assistants, connected doorbells or routers – it is unsurprising that attacks on these devices have also risen. A common type of malware that targets IoT devices is malicious bots.

Once taken over by bots, IoT devices are often used as communication channels to other compromised devices in networks called botnets. Harnessing the full weight of a botnet, the botnet operators can conduct a host of malicious activities, including deploying ransomware, conducting distributed denial of service attacks and stealing banking credentials, with deadly effect.

Unfortunately, IoT devices can be extremely easy to target. This is due both to the prevalent use of default or weak passwords like “admin” and the bad practice of not patching your home router. Among over 100,000 tested routers, the top 10 vulnerabilities detected by ESET were old ones from 2012 to 2015.

While often not a key focus – even for security-conscious individuals – keeping your smart devices always up-to-date is a crucial element of cyber hygiene.

2. Android malware
The top category of Android threats detected by ESET in 2020 is called ‘Hidden Apps’. Hidden Apps are a form of malware that hide their icons after installation and plague your device with annoying, full-screen ads.

To encourage downloads, this malware is often disguised as attractive games or useful utilities, deceiving individuals about its true purpose until it is too late. As the icons for these apps disappear once they have been downloaded, it can be difficult for users to locate the issue and uninstall the malware.

The best protection is to use security software like ESET Mobile Security that can detect and remove these apps.

3. Malicious torrents
Torrenting – or the act of downloading many small bits of data from different sources simultaneously – is a legitimate process, mostly used to share videos and music, distribute large amounts of data, or download and update games. However, malicious torrents are prevalent, and can be used to quickly spread malware.

Earlier this year, ESET uncovered a malware family that used precisely this process: KryptoCibule. KryptoCibule makes extensive use of the BitTorrent protocol, tempting users with the offer of cracked or pirated software and games. While delivering the expected goods, the malware downloads both a cryptominer and a clipboard hijacking component that steals cryptocoins, and exfiltrates cryptocurrency-related files.

Malware like KryptoCibule presents yet another reason to prefer official websites and services instead of torrenting sites.

4. Mac malware
Once thought immune to computer threats, it is now clear that Mac devices can be compromised with malware, and they have been targeted frequently by cybercriminal groups. In 2020, ESET Research discovered fake websites distributing trojanized cryptocurrency trading applications for Mac computers.

For example, the Kattana trading application for Mac computers was copied and trojanized in July 2020. Cybercriminals utilized the so-called GMERA malware to steal information, such as browser cookies and cryptocurrency wallets, and take screenshots.

Protecting Mac computers with security solutions like ESET Cyber Security is crucial to fend off threats that otherwise present genuine-looking websites and apps for cryptocurrency traders to use.

5. Malicious emails
Working from home, unfortunately, means greater vulnerability to email-based cyberattacks, so it is no surprise that malware distributed via email has surged over the past few months. Total malicious email detections are up, and the highest portion (25%) carried an exploit for a 2017 vulnerability in Microsoft Office.

Make sure to turn on auto-updates for your Microsoft Office apps and prevent older vulnerabilities from coming back to bite you.

You can read more about Antimalware Day here. For more information about ESET, visit our website here, and to gain insight into the current threat landscape, read ESET’s Q3 2020 Threat Report.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.