ESET marks Antimalware Day 2019 with a ‘top 5’ list of malware discovered in 2019

Today, we celebrate Antimalware Day, founded by ESET two years ago, to honor the visionary work of Fred Cohen, Ph.D., and his advisor, Professor Len Adleman PhD., which laid the cornerstone for future research into computer threats.

ESET is marking this year’s celebration by looking at some of the most pertinent malware discoveries of the year 2019 to emphasize the importance of taking proactive countermeasures against malware and implementing cybersecurity best practices.

1. Machete

Machete is malware used in cyberespionage operations, primarily in Venezuela, and in Ecuador, Colombia, and Nicaragua. The operators use Machete as a spearphishing tool, predominantly targeting government organizations, such as the military, education, police, and foreign affairs. Once the malware is unleashed via email, it can take screenshots, log keystrokes, access the clipboard, retrieve and encrypt files, and collect the victim’s geolocation.

2. Android/Filecoder.C

Discovered after a two-year decline in instances of Android ransomware, Android/Filecoder.C encrypts the files on a mobile device before demanding a payment in Bitcoin for their decryption. Distributed via online forums, these malware files can encrypt files and send text messages to the victim’s contact list.

3. Android/FakeApp.KP

This malware is used to phish for login credentials to BtcTurk, a Turkish cryptocurrency exchange. It was the first malware discovered that is able to circumvent restrictions brought in by Google in March 2019, which aimed to strengthen SMS-based two-factor authentication (2FA). Instead of intercepting SMS messages, which became harder for attackers thanks to Google’s new restrictions, this malware reads the notifications that appear on a device’s display in order to obtain the one-time password.

4. Varenyky

In July, Varenyky launched a sextortion campaign in France, distributed through spam email attachments disguised as bill documents. Once the victim enables macros on the attached document, the computer becomes compromised, and the attacker can record the user’s screen. This malware’s apparent aim is to obtain evidence of the victim watching pornographic content, which can then be used for extortion.

5. KRACK for Echo and Kindle

In January 2019, after more than a year of extensive additional research, ESET reported that many Wi-Fi enabled devices, including Amazon Echo and at least one generation of Amazon Kindle, were still vulnerable to Key Reinstallation Attacks, or KRACK(s), two years after the initial discovery. The vulnerabilities allowed attackers to execute Denial of Service attacks, disrupt network communications, and intercept sensitive information such as passwords.

To find out more about how ESET can help protect you against malware, visit www.eset.com.