2018 came in like a lion and out like—a different lion. It’s fair to say that, despite a sleepy second quarter (there’s the lamb), this year was action-packed from start to finish. Fresh on the heels of a cryptomining explosion in the last quarter of 2017, 2018 began with threat actors diversifying their cryptomining tactics, broadening their reach to Android, Mac, cryptomining malware, and experimenting with new innovations in browser-based attacks.
While cryptomining died down by the second quarter, a new set of threats were eager to take its place: information stealers. These former banking Trojans— especially Emotet and TrickBot—evolved into droppers with multiple modules for spam production, lateral propagation through networks, data skimmers, and even crypto-wallet stealers. These variants of malware focused their energies on ensnaring businesses, gleaning the most profit from ultra-sensitive data that could be sold on the black market for re-targeting in future campaigns.
Read More Here