
Widespread threats that can harm your network

The number of malicious sites and programs grows every year. You need to know your enemy to protect your network from threats and intruders, and SafeDNS will assist you with that complicated task.


Malware

Malware is malicious software that aims, in one form or another, to cause damage to the user or to the computer and its contents. It is an umbrella term for all types of cyber threats, such as viruses, Trojans, spyware, keyloggers, adware, etc.

What harm can Malware do to your network or device?


Malware creates a lot of problems for the user, from small, almost imperceptible inconveniences to serious financial harm. For example, it can change browser settings and prevent the user from changing them back; waste computer resources, thereby reducing performance; install advertising programs such as pop-ups and banners that work even without an Internet connection; use a computer and its resources for DDoS attacks or cryptocurrency mining; and collect the user’s personal data: usernames, passwords, bank card numbers, etc.


Companies spend the most money on protection against malware: about $2.4 million.

Number of devices and programs infected by malware

Ransomware

These are extortion programs whose main harm is blocking or encrypting data on the computer. In the case of encryption, the program encodes files so that the user cannot access them, which interferes with the operation of the system. Blocking simply closes access to the computer. Moreover, modern ransomware programs send data to the attacker, which can cause a leak of confidential data. Attackers demand payment for unlocking the files and the computer.

What harm can Ransomware do to your network or device?


Encrypting data on the victim’s disk, locking Android and iOS devices by changing the access code, blocking the user’s screen, stealing confidential data, blocking the operation of the entire business.


The Brenntag company distributes chemicals. In this case, the DarkSide partners in crime said they had obtained access to the network after purchasing stolen information, but did not know how the credentials had been obtained to begin with. The company paid a $4.4 million ransom in cryptocurrency. Following the ransom payment, Brenntag obtained a decryptor for the encrypted files and successfully stopped the cybercriminals from making the company’s stolen information public.


Businesses suffer the most from ransomware programs. To find out more information, read our article.

How much companies were forced to pay because of ransomware

Phishing & typosquatting

Phishing is a fairly common type of Internet fraud that relies on users’ inattention. To extract personal data, usernames, passwords, bank card numbers or other important information from users, attackers create fake pages that imitate the websites of shops, banks, email clients and social networks. Visually, they do not differ from the originals, so an inattentive visitor enters their login details, which then go to the scammers. In this way, fraudsters can use phishing to hack social network accounts or gain access to a victim’s bank account. The essence of typosquatting is to create domain names similar to those of renowned sites. If the user makes a mistake in the site address, they end up on the typosquatter’s site. Such scammers earn money by displaying ads, redirecting to other dangerous sites or stealing data if the user accidentally enters it on the attackers’ site.
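One way to spot the look-alike names described above on the defender's side is to compare each queried domain against a list of domains you want to protect. The sketch below is an added example, not SafeDNS code; the protected list, the sample queries, the distance threshold and the last-two-labels rule are all assumptions made for illustration.

```python
# Added example: PROTECTED and SAMPLE_QUERIES are constructed for illustration.
PROTECTED = ["example.com", "examplebank.com"]
SAMPLE_QUERIES = [
    "www.example.com",        # legitimate
    "exmaple.com",            # two letters swapped
    "login.examp1ebank.com",  # digit substituted for a letter
    "example.co",             # last character of the TLD dropped
    "unrelated.org",          # not similar to any protected name
]

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # adjacent transposition
        prev2, prev = prev, cur
    return prev[-1]

def registered_domain(qname):
    """Naive last-two-labels rule (assumption); real code needs the Public Suffix List."""
    labels = qname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def classify(qname, max_distance=1):
    """Return (protected domain, distance) if qname is a near miss, else None."""
    dom = registered_domain(qname)
    if dom in PROTECTED:
        return None  # exact match: the real site or one of its subdomains
    best = min(((p, osa_distance(dom, p)) for p in PROTECTED), key=lambda t: t[1])
    return best if best[1] <= max_distance else None

def scan(queries):
    """Return {query name: (protected domain, distance)} for every near miss."""
    hits = {}
    for q in queries:
        match = classify(q)
        if match:
            hits[q] = match
    return hits

if __name__ == "__main__":
    for q, (target, dist) in scan(SAMPLE_QUERIES).items():
        print(f"{q}: {dist} edit(s) from {target}")
```

A threshold of one edit keeps false positives low for long names; very short protected domains need an exact allowlist of their legitimate neighbours.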

What harm can phishing and typosquatting do to your network or device?


Obtaining access by an attacker to a bank account or personal information, blocking access to accounts/devices, loss of corporate funds, disclosure of confidential customer data, theft or unavailability of confidential files, damage to the company’s reputation.

1) Attacker performs reconnaissance attack
2) User receives an email with an attractive title or offer with a pdf file or link
3) User opens the attached file or link that executes malware
4) Malware steals user’s credentials and confidential data
5) The malware sends all the information to the intruder


Botnets & C2C

A botnet is a network of multiple Internet-connected devices that are infected with malware and controlled by an attacker. The primary goal of attackers is to gain access to your data, remotely control your computer and use your devices for subsequent attacks. The owner can manage the botnet using command-and-control (C&C) software. This type of malware attacks not only home users but also educational institutions, companies, etc.

What harm can Botnets & C2C do to your network or device?


DDoS attacks, theft of passwords, bank card numbers and other confidential information that can be used or sold, getting access to confidential company information, using your devices and network for illegal mining, using your devices to attack other users.


One of the most renowned examples is the botnet ZeuS, with the help of which attackers sent spam with photos throughout Facebook. The links in the letter led to malicious sites that were teeming with botnets.

Number of detected botnets

Parked domains

Domain parking is the registration of a domain name on DNS servers that provide parking services, without using the domain for its intended purpose. Scammers use parked domains as part of a malicious network and take advantage of user errors when entering a site address, as they often register domains that are similar to popular ones. Usually, such pages contain a lot of ads that can lead to malware being downloaded. In addition, scammers make a profit whenever the user visits the site and sees ads. Attackers often use parked domains for phishing attacks and other threats.

What harm can parked domains do to your network or device?


Installing advertising programs on your computer, such as pop-ups and banners that work even without an Internet connection; collecting the user’s personal data (usernames, passwords, bank card numbers, etc.); getting access to confidential company information; downloading malware with severe consequences; using your devices to attack other users.

Cryptojacking

These are programs that hijack the victim’s computer for cryptocurrency mining. Such threats are difficult to identify and most often the user does not even realize that his device is affected. The malware uses the computing power of the victim’s computer and extracts cryptocurrency.

What harm can cryptojacking do to your network or device?


Increased energy costs, reduced performance of your device, damage to your device, theft of confidential data, harm to your corporate network.


A common method of distributing cryptojacking programs is pictures. In one of the famous cases, the attackers used a picture of Taylor Swift, which helped them bypass all security systems, since the program did not recognize threats in an ordinary picture. Malware infected the victim’s device and illegally used it for mining.

Cases of cryptojacking

DGA

A domain generation algorithm (DGA) creates numerous lists of new domains, calculating the sequence of domain names that malware will try to connect to. This method helps fraudsters maintain access to a hacked system while bypassing security systems. Moreover, it complicates the detection of vulnerabilities and their elimination. With the help of these algorithms, attackers prevent security managers and antivirus software from interfering with the work of malware.

What harm can DGA do to your network or device?


DGAs cannot harm your network by themselves. However, such algorithms allow fraudsters to introduce malicious programs to your device or your network and prevent their removal. This can lead to issues with your devices or the network at home, and cause irreparable damage to the corporate network.
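Because most names in a generated sequence are never registered, a device running such malware tends to produce many failed lookups for random-looking names, and a resolver log makes that visible. The following is an added example, not SafeDNS code; the log format, the sample lines and both thresholds are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from math import log2

# Constructed resolver log, one query per line: "<client> <query name> <rcode>".
SAMPLE_LOG = """\
10.0.0.5 www.example.com NOERROR
10.0.0.5 exmaple.com NXDOMAIN
10.0.0.9 qxkzjvwplmtr.com NXDOMAIN
10.0.0.9 hbgtqzxwmcly.net NXDOMAIN
10.0.0.9 vkpdzrwqjxnf.org NXDOMAIN
10.0.0.9 ztmqwbxkvjhg.info NXDOMAIN
10.0.0.9 www.example.com NOERROR
""".splitlines()

def shannon_entropy(s):
    """Bits per character; random-looking labels score higher than words."""
    counts = Counter(s)
    return -sum(c / len(s) * log2(c / len(s)) for c in counts.values())

def suspect_clients(lines, min_names=3, min_entropy=3.0):
    """Clients with >= min_names distinct failed lookups of high-entropy names.

    Both thresholds are illustrative assumptions and need tuning on real traffic.
    """
    failed = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, qname, rcode = parts
        labels = qname.lower().rstrip(".").split(".")
        if rcode != "NXDOMAIN" or len(labels) < 2:
            continue
        # Score the label left of the TLD (naive; no Public Suffix List here).
        if shannon_entropy(labels[-2]) >= min_entropy:
            failed[client].add(qname.lower())
    return sorted(c for c, names in failed.items() if len(names) >= min_names)

if __name__ == "__main__":
    print(suspect_clients(SAMPLE_LOG))
```

Entropy alone misclassifies long legitimate names, so the count of distinct failed lookups per client carries most of the signal here; a single mistyped address never reaches the threshold.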
