DDoS-sourced malware is on the rise, according to AppRiver's Q3 Global Security Report, which analysed malware and spam trends in Q3 2016 (between July and September 2016).
For the first time, the web saw disruptions caused by DDoS attacks leveraged by botnets comprised primarily of IoT devices during Q3 of this year.
The company's security analyst team quarantined 5.7 billion emails containing malware in Q3, a 35 percent increase over the total they recorded in Q2 2016. This quarterly total is more than triple 1.7 billion emails containing malware that analysts observed during the entirety of 2015. Over two billion spam messages were quarantined as well.
Data breaches remained a major concern for organisations worldwide during Q3. The recent breach disclosed by Yahoo and Pippa Middleton's iCloud account hack containing private pictures of her and the UK Royal family just name a few of the noteworthy breaches that occurred during this time period.
In August, Trident malware was discovered using multiple zero-day exploits that could jailbreak an iOS9 device giving the attacker access to emails, texts, voice call and the phone's camera, microphone and location. During Q3, the three primary file formats malware has been coming in are Jscript (.js), Windows Script Files (.wsf) and Macro enabled documents (.doc and .xls).
Various versions of ransomware with specific targets were seen during Q3. Locky and Zepto are still some of the reigning champs when it comes to volume, but others such as EduCrypt, IoT Ransomware and MarsJoke were seen lurking online.
A spike in PayPal-themed phishing messages was noticed in early September, with one in particular posing as a security alert from the company.
“As more IoT devices become connected and unless consumers start taking the time to install these devices more securely, this trend may only get worse in the short term,” said Troy Gill, manager of security research at AppRiver.