The Biggest Malware Threats of 2019

Tyler B.
Online.io Blockchain Technologies
6 min read · Jan 4, 2020
New Year, New Malware. Let’s fight them back!

As we’ve entered a new year, we decided to recap the biggest threats to cybersecurity during 2019, that way we’ll have a better understanding of the more predominant cyberattacks that took place recently so we can be more secure in 2020. From stealing large amounts of money to compromising sensitive data, these malware threats were the worst offenders of last year.

Let’s take a look back!

10. Pegasus: The Spy of the Indian Government

Pegasus was the name of a spyware that was spread in India through WhatsApp at the end of October. This malware was used by the Indian government to spy on more than 1400 journalists and activists. The fact that the authorities of India themselves decided to make use of this kind of software shows how little they care about the privacy of their citizens.

Pegasus was delivered as an exploit link that could access personal information with just one click. Passwords, text messages, contact lists and other valuable data from smartphones were stolen by the government to keep control of those who might hold an opposing opinion that could influence people.

9. Retadup: A Crypto-Mining Malware

Retadup was a cryptocurrency-mining worm that infected 850,000 Windows PCs, mostly throughout Latin America. Thankfully, this malware was completely removed by the French Cybercrime Center, which discovered a flaw in the worm’s design and used it to take control of the command and control server.

Despite being neutralized, it remained one of the most effective malware of the year, earning a considerable profit in cryptocurrency. However, it seems that the trend of crypto-malware is slowly decreasing, with a 5% decline month by month in 2019.

8. xHelper: The Malware That Never Dies

October was a busy month for malware, as the sneaky “xHelper” also reached 45,000 Android devices worldwide. It had a slow expansion starting back in March, but its sophisticated persistence technique allowed it to stay on a device for a long, long time.

xHelper avoided detection by using strong encryption, and if it was eventually detected, the malware couldn’t be erased from the device even after a factory reset. Many users reported that after they formatted their phones, xHelper would activate itself again in a matter of minutes, making it one of the most dangerous and persistent malware out there.

7. HiddenWasp: The Nightmare of Linux

No operating system is safe from malware, and 2019 marked a rise in the number of cyberattacks targeted at Linux users. The biggest offender was HiddenWasp, which managed to keep a really low detection rate across most antivirus products.

HiddenWasp was used to run commands, execute files, download scripts and perform other targeted actions, all controlled from a remote computer. The only way to verify whether your Linux system was infected was to look for “ld.so” files and check whether any of them did not contain the string “/etc/ld.so.preload”. If that was the case, your system may have been compromised.
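The ld.so check described above, written as an added example (this is not code from the original post or from any HiddenWasp analysis): it flags loader images that no longer contain the string “/etc/ld.so.preload”, and, going one step further than the article, also reports entries in /etc/ld.so.preload that are not on an allowlist. The loader paths in LDSO_GLOBS and the sample byte strings are assumptions constructed for the demo.

```python
"""Defender-side check for a patched dynamic loader (added example).
A loader image that lacks the "/etc/ld.so.preload" string is the
article's indicator that it was rewritten to read another preload path."""
import glob
import os
from typing import Dict, List, Optional

PRELOAD_MARKER = b"/etc/ld.so.preload"
# Typical loader locations; adjust for your distribution (assumption).
LDSO_GLOBS = ["/lib/ld-*.so*", "/lib64/ld-*.so*", "/lib/*/ld-*.so*",
              "/usr/lib/ld-*.so*", "/usr/lib64/ld-*.so*"]

def loader_is_patched(data: bytes) -> bool:
    """True when the loader image does not reference /etc/ld.so.preload."""
    return PRELOAD_MARKER not in data

def check_loaders(images: Dict[str, bytes]) -> List[str]:
    """Return the paths of loader images that fail the string check."""
    return sorted(path for path, data in images.items() if loader_is_patched(data))

def unexpected_preloads(preload_text: Optional[str], allowlist: frozenset) -> List[str]:
    """Entries in /etc/ld.so.preload (whitespace separated) not on the allowlist.
    An absent or empty file is the normal state on most hosts."""
    if preload_text is None:
        return []
    return [entry for entry in preload_text.split() if entry not in allowlist]

def scan_host(allowlist: frozenset = frozenset()) -> dict:
    """Live check: read the real loader images and /etc/ld.so.preload."""
    images = {}
    for pattern in LDSO_GLOBS:
        for path in glob.glob(pattern):
            with open(path, "rb") as fh:
                images[path] = fh.read()
    preload = None
    if os.path.exists("/etc/ld.so.preload"):
        with open("/etc/ld.so.preload") as fh:
            preload = fh.read()
    return {"patched_loaders": check_loaders(images),
            "unexpected_preloads": unexpected_preloads(preload, allowlist)}

# Constructed sample images: a clean loader keeps the marker, a patched one does not.
SAMPLE_IMAGES = {
    "/lib64/ld-linux-x86-64.so.2": b"\x7fELF" + b"\x00" * 8 + PRELOAD_MARKER + b"\x00",
    "/lib/ld-2.28.so": b"\x7fELF" + b"\x00" * 8 + b"/tmp/.hidden/preload\x00",
}

if __name__ == "__main__":
    print("suspicious loaders in sample:", check_loaders(SAMPLE_IMAGES))
    print("live host:", scan_host())
```

Run it as root on a real host so every loader image is readable; a non-empty `patched_loaders` list warrants pulling the file for analysis.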

6. Invisible Malware: Hiding in Plain Sight

As you might guess from its name, Invisible Malware attacks by not making itself visible. It lives only in the memory of your computer, making it very difficult to detect and remove.

Later in the year, specialists were able to find it in the Basic Input/Output System (BIOS), and in some cases they found it disguised as a firmware update. Once it was found, apparently the only way to remove it was to forcibly shut down the computer, but even then, this method didn’t work 100% of the time. Just like xHelper, this malware was not easy to kill.

5. Sodinokibi: An Old Threat with a New Name

Sodinokibi was a case of malware that actually evolved from one of the most popular ransomware families of previous years: GandCrab. To paint a better picture, let’s just say that it’s estimated that the creators of GandCrab earned as much as $2 billion from ransomware payments. Yeah, that much.

Sodinokibi followed that trend by asking for $2000 in Bitcoin from each targeted victim. With a similar method, this malware exploited the vulnerabilities of small and midsize businesses, infecting targets across Asia and Europe.

4. Emotet: A Malicious Copy of Snowden’s Book

After four months of inactivity, Emotet made a comeback by disguising itself as a copy of Edward Snowden’s recently published book “Permanent Record”. The malware sent an email prompting users to read and download the book, and once a user fell for the trap, Emotet would start downloading other malware to steal their information and slow down the performance of their device.

This was one of the most prevalent malware families of the year, taking advantage of a trend to exploit users in the process. Once it was downloaded, it would spread even further by sending malicious emails to more people from your contact list.

3. Trickbot: Disabling your Windows Protection

Trickbot’s first appearance didn’t happen this year, as it was already famous for infecting 250 million Gmail accounts in the past, but it definitely had a resurgence in 2019. Like other malware on the list, Trickbot goes after bank account information, browser data, and other credentials saved on a device.

The difference is that this time around, a new feature was added. Now, Trickbot could disable Windows Defender in 17 steps, leaving users completely unprotected. In addition, when combined with Ryuk ransomware, Trickbot could deliver a doubly dangerous cyberattack.

2. Ryuk: The Most Expensive Ransomware

Taking its name from a character in the popular anime series “Death Note”, this malware got this high on the list because of its high-profile targets and ransoms.

Ryuk has attacked big enterprise organizations, including the servers of the City of New Orleans, demanding payments of 15 to 50 Bitcoins, which translates to $100,000-$500,000. To put that into perspective, those prices are 10 times more than the average.

Ryuk in Action!

1. Dharma: Encrypting Files for Hospitals

Dharma was one of the most infamous ransomware of the year because of the many organizations that it targeted. The most concerning case happened when this malware encrypted critical records from a hospital in Texas. The health of many innocent patients was compromised because of this.

Dharma was sent via email, encouraging users to check their anti-virus software and download a new version. This version was actually a completely functional ESET anti-virus, but it was used as a decoy while a malicious file began to encrypt files in the background. To decrypt those files and get them back, users had to pay a big price.

Dharma was not the most widespread or expensive malware out there, but it earns the number one spot on this list because of its sensitive targets. Dharma infected hospitals and industrial plants, turning it into one of the most lethal cyber-threats of 2019.

Final Thoughts

As you can see, 2019 was a big year for cyberattacks throughout the world, but this list wasn’t meant to scare you off. We wanted to remind you of the risks and the measures that you need to take in order to start 2020 completely protected. Don’t open unknown emails or links, don’t risk your safety by seeking pirated content, and most importantly, get a secure anti-malware system.

If you want to add an extra level of protection to your anti-malware software you can count on our very own Online.io extension. By installing it on your browser you will be able to detect malware before it has a chance to infect your device, while also blocking ads and tracking software. That’s three levels of protection for free. Stay alert and happy new year!

Try it out for Chrome and Mozilla.

Want to know more about us?

🔥 Check out our Website for updates!

🐦 Follow us on Twitter.

🗨️ Join our Telegram Group.

📢 Give us a shout-out on Facebook.
