According to the recent report from Symantec reveals, The family of Kovter Trojan was responsible for increasing a new variant of malware in the month of October. In October, the number of the new and unique variants of malware jumped to 96.1 million which are almost twice from the number of malware that reported in the month of September (50.1 million). The Security company says that the number of malware has increased activity when the number of variants reach 45.4 million since August.
In January last year, Trojan was detected in a campaign of malvertising which involving in affecting the major new sites and AOL as a network. Last year, in July, the ad fraud malware was detected during the update of IE and Adobe Flash Player on the affected PCs. These all happened in the previous year but this year in the month of April, Kovter was observed which added the capabilities of ransomware. In the beginning of July, Kovter was distributed as an update for the most popular browser and by the end of that month, the developer of this threat packed it with a new persistence mechanism.
Kovter was not only the click-fraud Trojan to activate in the malware segment. This Trojan is usually dropped onto the infected PC via JS.Nemucode which is a downloader that spreads through malicious Spam email attachments, exploit kits and spammers. In the month of October, Mirai botnet has been brought by it to the spotlight after IoT devices infected with that used the most powerful DDoS attacks. One of these attacks are targeting the provider Dyn and knocked the most popular sites for many users including Twitter, Spotify, PayPal and much more. In the same month means October, there is another malware was discovered known as Trojan.Odinaff which used by the Symantec people that tied with the group of Carbanak. It was used in the series of malware attacks against the financial organizations. The operators of this threat also launched the attacks on SWIFT users.
The month of October has been marked as RIG’s second month at the top of EK segment because it accounted for 37.4% of the entire EK activity. With 45% increase in usage, the magnitude climbs to the second position while the usage of RIG’s end up by 69%. In this month, Symantec blocked up to 460,000 attacks of the web each day. The Spam emails or Junk mail attachments containing notorious WSF attachments increased the possibility of the malware attack. In the month of October alone, over 2.2 million Spam-emails has blocked by Symantec which spreading the Locky ransomware.
From the last month, the phishing rate dropped to one in 5,313 emails. With the Public Administration hit the most at one in 2, 814 emails. During this month, about 1,501-2,500 businesses employees were targeted the most by phishers. An opportunity has been represented by the U.S. Presidential election for the hackers to increase the malware and distribution. With the help of election-related spam, the global spam rate reached up to 54.1% which is the highest rate since the November 2015.