News and entertainment websites unknowingly host more than 50 percent of malvertisments; Flash exploits increase 60 percent and ransomware increases 80 percent since 2014
Bromium®, Inc., the pioneer of threat isolation to prevent data breaches, today announced the publication of “Endpoint Exploitation Trends 1H 2015,” a Bromium Labs research report that analyzes the ongoing security risk of popular websites and software. The report highlights that more than 50 percent of malvertising is unknowingly hosted on news and entertainment websites, Flash exploits have increased 60 percent in the past six months and the growth of ransomware families has doubled each year since 2013.
“For the last couple years, Internet Explorer was the source of the most exploits, but before that it was Java, and now it is Flash; what we are witnessing is that security risk is a constant, but it is only the name that changes,” said Rahul Kashyap, SVP and chief security architect, Bromium. “Hackers continue to innovate new exploits, new evasion techniques and even new forms of malware – recently ransomware – preying on the most popular websites and commonly used software.”
Key findings from “Endpoint Exploitation Trends 1H 2015” include:
- News and Entertainment Websites Hotbed for Malvertising — More than 58 percent of malvertisments (online advertisements with hidden malware) were delivered through news websites (32 percent) and entertainment websites (26 percent); notable websites unknowingly hosting malvertising included cbsnews.com, nbcsports.com, weather.com, boston.com and viralnova.com.
- Attackers Targeting Flash — During the first six months of 2015, Flash experienced eight exploits, an increase of 60 percent since 2014, when there were five exploits. Most active exploit kits are now serving Flash exploits, potentially impacting a large number of Internet users, given the ubiquity of Adobe Flash.
- Continuous Growth of Ransomware — In the first six months of 2015, nine new ransomware families emerged: CoinVault, TeslaCrypt, Cryptofortress, PClock, AlphaCrypt, El-Polocker, CoinVault 2.0, Locker and TOX; this is an 80 percent increase from 2014 and represents a significant growth in ransomware since 2013, when there were only two ransomware families: Cryptolocker and Crytowall. Ransomware continues to grow, as cybercriminals realize it is a lucrative form of attack.
- Malware Evasion Avoids Detection — Bromium Labs analyzed malware evasion technology and found it is rapidly evolving to bypass even the latest detection techniques deployed by organizations, including antivirus, host intrusion prevention systems (HIPS), honeypots, behavioral analysis, network filters and network intrusion detection systems (NIDS).
About Bromium, Inc.
Bromium is re-inventing enterprise security with its powerful new technology, micro-virtualization, which was designed to protect businesses from advanced malware by design, while simultaneously empowering users and delivering real-time threat intelligence to IT. Unlike traditional security methods, which rely on complex and ineffective detection techniques, Bromium protects against malware from the Web, email or USB devices, by automatically isolating each user-task at the endpoint in a hardware-isolated micro-VM, preventing theft or damage to any enterprise resource. Bromium’s technological innovations have earned the company numerous industry awards. Bromium counts a rapidly growing set of Fortune 500 companies and government agencies as customers.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.