Security News > 2020 > March > TrickBot and Emotet strains make process injection most prevalent attack technique

TrickBot and Emotet strains make process injection most prevalent attack technique
2020-03-20 14:43

In Red Canary's 2020 Threat Detection Report, the company analyzed six million investigative leads from January 2019 to December 2019, honing in on the most prevalent cyberattack techniques faced by organizations worldwide.

Malware strains like TrickBot and Emotet were widespread according to threat detection and response specialists at Red Canary.

"An abundance of threats exhibiting worm-like behavior is perhaps the clearest trend from the 2020 Threat Detection Report, and TrickBot is the main driver of this activity. Another trend that stands out is the use of remote administration and network management tools for lateral movement and execution," the report said.

According to Red Canary detection engineer Jason Killam, process injection is a technique used by cyberattackers to mix malicious activity with operating system processes that are fairly routine.

Part of why process injection was so high on the list was because most of Red Canary's customers came to them with concerns after Emotet had already done its damage and TrickBot was infecting a significant amount of their devices.


News URL

https://www.techrepublic.com/article/trickbot-and-emotet-strains-make-process-injection-most-prevalent-attack-technique/#ftag=RSS56d97e7