Android Trojans and Domain Name Attacks Top July Cyber ​​Threat Trends

Android Trojans and Domain Name Attacks Top July Cyber ​​Threat Trends

In July, Bitdefender identified 205 ransomware families as part of the Bitdefender August Threat Briefing.

by Bitdefender August’s Bitdefender Threat Debrief (BDTD) is a monthly series aimed at analyzing news, trends and threat research from the previous month. In July, Bitdefender researchers looked at ransomware detections, rather than infections, and counted the total number of cases, not the financial significance of the infection’s impact.

Ransomware

Bitdefender Analysts identified 205 ransomware families in July, with the number of ransomware families detected varying each month based on ongoing ransomware campaigns in different countries. WannaCry was the most widely detected ransomware family, accounting for 37%. Robin came in second with 20%.

Analysts detected ransomware from 151 countries in their data set this month, as ransomware continues to be a threat that affects almost the entire world. Many ransomware attacks continue to be opportunistic and population size correlates with the number of detections. The United States was the most affected by ransomware, accounting for 24%, followed by Brazil with 17% and India with 14%.

Android Trojans

The global cybersecurity solutions company also analyzed the top 10 Trojans targeting Android that the company saw in its telemetry in July.

Downloader.DN, refurbished apps pulled from the Google App Store and bundled with aggressive adware, was the biggest Trojan targeting Android with 43%. Next is the SMSSend.AYE malware (33%) which attempts to register itself as the default SMS application on first run by asking for user consent.

DISCOVER

Homograph attacks

The Bitdefender team also analyzed homograph attacks, which work to misuse international domain names (IDNs). Hackers create international domain names that spoof a target domain name. A “target” of IDN homograph phishing attacks refers to the domain that hackers are trying to impersonate.

Blockchain.com was by far the most common target, accounting for 58% of attacks, with facebook.com, binance.com, paypal.com and gmail.com among other targets.

[Related: Nation-state threat actors exploit machine identities to run cyber attacks]

Android Trojans and Domain Name Attacks Top July Cyber ​​Threat Trends

hacked-network-csc.jpg

lawyers weekly logo

Last update: August 26, 2022

Posted: August 26, 2022

Comments are closed.