Modular malware is becoming increasingly common, according to a new study from Barracuda Networks. In the first five months of 2019, more than 150,000 unique malicious files were found to have been sent over email.
Modular malware is a new-ish way for cybercriminals to deliver malicious software. The initial email contains only a basic payload; once that file has been downloaded to the device, it connects to a remote command and control server to fetch additional payloads. The same method has been used by well-known banking trojans such as Emotet, TrickBot, and CoreBot, as well as infostealers like LokiBot and Pony.
Just a few years ago, the situation was much different, but with the rise of botnets that execute commands provided by cybercriminals and of malware written for widespread distribution, modularity is being encountered in more and more cases.
Detecting modular malware is a tad more difficult than detecting traditional malware, but measures are being taken. Organizations, in particular, need to implement more email security measures. Barracuda Networks advises organizations to deploy advanced inbound and outbound security techniques, including malware detection, spam filters, firewalls, and sandboxing.
"While many malicious emails appear convincing, spam filters and related security software can pick up subtle clues and help block potentially-threatening messages and attachments from reaching email inboxes. If a user opens a malicious attachment or clicks a link to a drive-by download, an advanced network firewall capable of malware analysis provides a chance to stop the attack by flagging the executable as it tries to pass through," reads the report.