Old malware foe active in Aus and NZ

17 Feb 2016

New figures from ESET have revealed that the most common form of malware in Australia and New Zealand last month was Bayrob, a well-known malware family first detected in 2007.

According to ESET, more than 9% of all malware detected in Australia in January 2016 was Bayrob, as was 7% of all malware detected in New Zealand.

Bayrob malware attacks have been focused on several countries, including Spain (22% of total attacks), followed by Austria and Germany (19% and 15% respectively).

ESET says Bayrob is distinctly more active in Australasia than it is globally, reaching 9.43% in Australia and 7.67% in New Zealand, compared to 2.73% globally.

[Figure: Percentage of overall malware activity in Australia in January 2016]

[Figure: Percentage of overall malware activity globally in January 2016]

Nick FitzGerald, senior research fellow at ESET, says users need to be wary of emails from fake accounts.

“Check carefully who the email is from, and if the email address indicates the email sender is from a different organisation to the one they claim to be representing, do not respond or open anything attached to that email,” he says.

FitzGerald says Bayrob malware is typically distributed as email attachments to download.

“Watch out for executable files disguised as ZIP files,” he says.

“If run, Bayrob displays a message suggesting to the user the downloaded file is incompatible with the system, while it is actually already releasing a Trojan that aims to steal information from the victim’s computer and possibly download further malware,” FitzGerald explains.

Information about Bayrob

Win32/Bayrob is a well-known form of malware first detected in 2007. Since its early days, Bayrob has been known for targeting eBay users. With Bayrob active on a user’s system, criminals were able to intercept all traffic between the compromised computer and eBay, as well as redirect it to fake pages. The intention behind this was to scam people buying various items on eBay, including cars.

Diego Perez Magallanes, ESET malware analyst, says Bayrob is a typical botnet malware.

“It is capable of updating itself, downloading files or sending information,” he says.

“This makes it dangerous, since at every moment there is the risk that the infected machine downloads and runs some damaging malware, for example ransomware that encrypts files on the computer,” Magallanes explains.