Posted on March 20, 2023 at 8:37 AM
Akamai study shows 193 million mobile malware attacks were flagged in the EMEA region
The number of hacking attacks globally has steadily increased in recent years as hackers look for new and more sophisticated ways of conducting their exploits. A recent report by Akamai highlighted the notable increase in malware attacks saying that these exploits present a major risk to individuals and enterprises.
Akamai says 193 million malware attacks were flagged in EMEA
The report released by Akamai is known as the State of the Internet report, focused on malicious Domain Name System (DNS) traffic. The report is “Attack Superhighway: A Deep Dive on Malicious DNS Traffic.”
This report has taken an in-depth look into the exploits that pose a significant threat to internet users, both corporates and individuals. The data shows that internet users can be targeted using their mobile devices, or a breach on an enterprise network can result in other malicious campaigns such as ransomware attacks.
Akamai Technologies shared an outlook on how these malicious attackers target consumers. The data shows a significant increase in information-stealing malware targeting people through their devices within the EMEA region. The malware is more prevalent among Android users because of the FluBot malware.
The FluBot malware usually targets Android mobile devices. This malware has swiftly spread in the EMEA region, and 193 million queries have already been flagged. This malware usually spreads through SMS messages. It also hijacks the contact list within a user’s device and sends malicious messages to the victim’s entire contact list. The messages are usually sent in the local dialect of the victim.
How the threat actors behind the malware operate shows that they are taking a localization approach. This approach has significantly benefited Finland, Germany, Spain, and the United Kingdom. After this malware has infected a user’s device, it starts stealing information.
The malware usually targets financial data such as the target’s debit and credit card information. After the attacker gains access to this information, they will use it to steal funds from the attackers or to sell data to other criminals.
The report also shows that businesses are at a high risk of falling victim to these hacking attacks. Businesses are prone to malware such as Emotet, QSnatch, and Ramnit, which are very active in the region. The Emotet malware has been singled out because t has presented a major threat to organizations for over ten years.
The group behind this malware usually targets corporate networks. The goal of the exploits is usually financial, with the attackers conducting ransomware campaigns to extort businesses. Other types of dangerous attacks can also be launched on businesses in the region.
If the attacker manages to access the corporate network, they can use the access to gain control over the target organization’s network and launch major attacks. These attacks can sometimes lead to significant financial loss.
The group has been associated with some of the largest ransomware groups, such as Conti, LockBit, and RyUK. One out of five malware infections in the EMEA region has been attributed to Emotet. This shows that there is an increased level of risk for organizations that want to avoid falling victim to ransomware attacks.
Other types of threats in the EMEA region
Threats within the EMEA region have significantly increased in the last year. One of the most prominent threats in the region was an exploit on network-attached storage devices. The attack was made by a botnet known as QSnatch.
The network-attached devices usually store a variety of sensitive information and backups. These devices can be vulnerable if patches are not released regularly and protected. After the QSnatch malware obtains access to the device, it can steal or modify information, creating a risk o a data breach. Around a third of the reported infections within the EMEA region were linked to QSnatch.
Ramnit also poses a major risk in the region. It is attributed to two out of ten infections reported in the EMEA region. Ramnit is a banking Trojan used to steal credentials for the online banking system. This malware is usually spread through phishing campaigns.
The recent AKAMI report noted that the EMEA region accounts for the largest number of infections caused by Ramnit globally. The data is not unique because, in the past, hackers usually targeted banks operating in Europe, including countries like France, Italy, and the UK.