If you’re on a phishing expedition, start at the shallow end of the alphabet. That was one takeaway from the latest biannual Microsoft Security Intelligence Report, published today.
Among its findings: that Albania has an unusually high rates of phishing impressions: 188.5 phishing impressions per million page views. South Koreans, by contrast, were the world’s most cautious of attempted phishing attacks, at just 1 impression per million page views.
More seriously, the report highlights how Microsoft’s security team disrupted one of the largest malware operations in the world, the Gamarue botnet, with coordinated global operation – including from the FBI and Europol’s European Cybercrime Centre – that resulted in the disconnection of the botnet’s servers on November 29, 2017.
Since the disruption, Gamarue-infected devices have connected to the Microsoft Digital Crimes sinkhole from 23 million IP addresses, highlighting the global pervasiveness of the Gamarue botnet, the report notes, adding that since its disruption of the botnet, the number of Gamarue victims worldwide has fallen by 30 percent.
The malware was designed and sold as a modular kit for hackers, with available plug-ins including a keylogger ($150) Formgrabber ($250) to capture any data submitted through web browsers and “Teamviewer” ($250) that enables attacker to remotely control the victim’s computer, spy on the desktop, and perform file transfers, among other functions.
“Worldwide coordination of research and investigation efforts is key to disrupting a malware operation with the magnitude of Gamarue. As a result of such complexities, public/private partnerships between global law enforcement agencies and private industry partners are essential to a successful outcome.
Microsoft Office 365’s security research team meanwhile detected some 180-200 million phishing emails every month in 2017, with Ukraine the undisputed king of phishing sites (19.1 per 1,000 Internet hosts) with Belarus (12.3 per 1,000) running second, the report notes.
Trojans were the most commonly encountered category of malicious software each month in 2017 by a large margin, said Microsoft – which scans a staggering 400 billion email messages and 18+ billion webpage per month.