Tracking the global spread of malware

2023-03-17 04:00

Akamai observes nearly seven trillion DNS requests daily and classifies malicious DNS transactions into three main categories: malware, phishing and command and C2. These attacks present a major threat to both enterprises and home users.

They analyzed malicious DNS data and linked attackers to malware such as Emotet, a malware strain that is now one of the most dangerous cybercrime services, and QSnatch, which targets backups or file storage and is the most significant botnet threat in enterprise environments.

According to their data, QSnatch accounted for 36% of infected devices.

This malware specifically targets QNAP, a type of NAS device used for backups or file storage by businesses.

Although the infection method is still unknown, researchers surmise that QSnatch could infect via exploitation of firmware vulnerabilities or brute force attacks on devices with a default username/password.

"Attackers are unfortunately finding success when they leverage as-a-service hacking tools and are able to combine various tools in a single integrated multi-stage attack."

News URL

https://www.helpnetsecurity.com/2023/03/17/global-malware-spread/

#malware #tracking