ACSC and CISA detail top malware of 2021

Two Trojans in use for over a decade.

The Australian Cyber Security Centre and the United States Cybersecurity and Infrastructure Security Agency have issued a joint advisory on the top eleven malware strains they observed last year, noting that several have been used by criminals for many years.

One of the oldest malware variants in the advisory, Qakbot, started out as a banking Trojan for information theft and has since gained new functionality such as reconnaissance, lateral movement in networks, data gathering and exfiltration, dropping malicious payloads and forming botnets.

Criminals have used Qakbot, along with the banking Trojan Ursnif (also known as Gozi), for over a decade now, and the malware infrastructure is still active, the cybersecurity agencies said.

Malicious attachments and phishing emails are the favoured attack vectors for criminals to deliver malware such as TrickBot, one of whose developers was arrested in June last year.

Others such as information stealer AZORult, and the GootLoader multi-payload malware platform, can be delivered via infected websites, exploit kits, and droppers.

The full list of top malware of 2021 is:

  • Agent Tesla
  • AZORult
  • Formbook
  • Ursnif
  • LokiBot
  • MOUSEISLAND
  • NanoCore
  • Qakbot
  • Remcos
  • TrickBot
  • GootLoader

ACSC and CISA have published signatures for the SNORT intrusion detection system for the above malware strains.

The agencies advised organisations to keep software updated, enforce multi-factor authentication, secure and monitor remote desktop protocol (RDP) and other such risky services, and keep offline backups of their data.

End-users should also be provided with security awareness and training, the agencies said.

Longer term, ACSC and CISA suggested that organisations implement network segmentation to prevent the spread of ransomware and to stop lateral movement by threat actors.

ACSC said it has observed ransomware and data theft incidents in which Australian subsidiaries of multinationals were affected, thanks to assets maintained and hosted by offshore divisions outside their control.

Copyright © iTnews.com.au . All rights reserved.