Dubai, UAE, May 10, 2022: Netskope, the leader in Security Service Edge (SSE) and Zero Trust, today published new research that found that Trojans and phishing are the cause of most malware downloads in the Middle East region. Phishing downloads have seen a dramatic increase of 450% worldwide over the past 12 months, fueled by attackers using search engine optimization (SEO) techniques to improve the ranking of malicious PDFs. files on popular search engines, including Google and Bing. The findings are part of the latest edition of the Netskope Cloud and Threat Report: Global Cloud and Malware Trends, which examines the past 12 months of malware downloads from the cloud and web.
The top web referrer categories contain some categories traditionally related to malware, specifically shareware/freeware, but are dominated by more unconventional categories. The increasing use of search engines to deliver malware over the past 12 months provides insight into how well some attack SEO. Malware downloads identified by search engines are often malicious PDF files, including many malicious fake CAPTCHAs that redirect users to phishing, spam, scam, and malware websites.
The report also found that most malware downloaded in the Middle East in the past 12 months came from North America or Europe. It is noteworthy that the Middle East and Latin America are the only two regions where malware downloads do not come from the same region. This trend points to the increasing sophistication of cybercriminals, who more often commit malware to circumvent geofencing filters and other traditional prevention measures. The findings show that attackers tend to target victims located in a particular region with malware hosted within the same region.
“Malware is no longer confined to traditional web risk categories. It is now hidden everywhere, from cloud apps to search engines, leaving organizations at greater risk than ever before”, said Ray Canzanese, Threat Research Director at Netskope. “To avoid falling prey to these social engineering techniques and targeted methods of attack, security leaders should regularly revisit their malware protection strategy and ensure that all possible entry points is considered. “
Based on a subset of anonymous usage data collected by the Netskope Security Cloud platform, additional key findings from the report include:
- Trojans Continue to Prove Effective: Trojans provide 77% of all cloud and web malware downloads while attackers use social engineering techniques to gain an initial foothold and deliver a variety of next-generation malware. payloads, including backdoors, infostealers, and ransomware. There is no single family of Trojans that dominates the world. The top 10 Trojan families provide only 13% of all downloads, with the remaining 87% coming from less common families.
- Cloud and Web are A Perfect Attacker Pair: 47% of malware downloads come from cloud apps compared to 53% from traditional websites, while attackers continue to use a combination of both cloud and web to target their victims.
- Popular Cloud Storage Apps Continue to be the Source of Most Cloud Malware Downloads. Additional top referrers of the cloud app include collaboration and webmail apps, where attackers can send messages directly to their victims in many different forms, including emails, direct messages, comments and shares. of the document. One Drive represents the single largest source for malware downloaded in the Middle East.
- Microsoft Office Malware Files Denied Pre-Emotet Levels: Following global trends, in the Middle East, EXE and DLL files provide nearly half of all malware downloads while attackers continue to target Microsoft Windows, while malicious files of Microsoft Office drops and returns to pre-Emotet levels. This is due in large part to last year’s amount of proactive warnings and security controls introduced by technology vendors such as Google and Microsoft.
The Netskope Cloud and Threat Report is produced by Netskope Threat Labs, a team of industry -leading cloud threat and malware researchers that detects, analyzes, and designs defenses against the latest cloud and data threats affecting businesses.
Download the full report here.