Malware Intelligence

Stay Ahead of Email-Borne Threats with Cofense’s Malware Intelligence

Cofense’s malware intelligence service provides accurate and timely alerts about malware and ransomware being circulated in phishing emails. Subscribe to our malware intelligence service and stay ahead of email-borne threats in order to better protect your network, your data, and your users.

How much would a successful ransomware attack cost your organization? $2.4 million? $3.8 million? How about $7.35 million? These are the average costs incurred to recover from ransomware attacks depending on whether you agree with Accenture´s, Microsoft´s or IBM´s calculations. Scary, isn´t it?

Even scarier is that ransomware may not be your biggest problem. Several security companies have reported “crypto-jacking” is growing in popularity among cybercriminals due to it being a cheaper, less-risky-yet-more-profitable form of malware than ransomware. Furthermore, it´s virtually undetectable.

What is Crypto-Jacking?

Crypto-jacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Cybercriminals infect computers with a crypto-mining code that works in the background, mining cryptocurrency and delivering it to attackers as unsuspecting victims use their computers normally.

Although individual computers don´t yield much processing power on their own, attackers can build a botnet of infected devices and make them work together – harnessing vast processor resources across a network of infected computers and stealing a small amount of bandwidth from each.

The cost to the organization is the loss of performance, or – if operating in the cloud – the cost of provisioning more resources to cope with greater processing demands. However, the latest strains of crypto-jacking malware have the built-in ability to crash victims´ computers if they attempt to remove it.

How is Crypto-Jacking Malware Deployed?

It will come as no surprise to learn the most common way computers are infected is via phishing emails. Cybercriminals send the phishing emails to unsuspecting victims, inviting them to click on a link, which either downloads the crypto-mining code directly, or redirects the victim to a compromised website.

The compromised website could be entirely genuine except for an injected script that automatically executes, and will therefore fail to appear on URIBL or SURBL blacklists. And, because scripts are constantly changing, it is difficult for anti-virus software to detect crypto-mining codes at the endpoint.

Although some security solutions are waking up to the threat of crypto-jacking, the best way to avoid becoming a victim of this malware strain is to stay ahead of the phishing methods being used to deploy the threat, and the best way to stay ahead is with Cofense´s malware intelligence service.

Cofense´s Malware Intelligence Service

Cofense´s malware intelligence reports are compiled from millions of suspicious emails we receive daily through our Cofense Reporter service and other sources. The Cofense Triage service filters out false positives and spam emails, leaving only genuine threats for our team of analyze.

Once genuine threats are verified and confirmed, we issue detailed malware intelligence reports that not only alert organizations to new or emerging threats, but that also inform them of the URLs of compromised websites so access to the malware can be blocked by web filtering applications.

Organizations can choose how they receive our malware intelligence reports. We distribute them by email and as Machine Readable Threat Intelligence reports that can be read by Security Information and Event Management applications (SIEMs) and Threat Intelligence Programs (TIPs).

Stay Ahead of Email-Borne Threats with Cofense

The speed with which our malware intelligence reports are distributed enables organizations to act quickly to stay ahead of email-borne threats – not only threats related to crypto-jacking, but all formats of malware and ransomware, and other phishing attempts that could have serious consequences.

Cofense integrates seamlessly with more than twenty common security solutions in order that threats can be blocked faster through automation, while the depth of intelligence provided enables security teams to better understand the nature of the threats and their potential impact.

To find out more about Cofense´s malware intelligence service, do not hesitate to contact us. Our team will be happy to organize a free demo of Cofense in action for you to better understand how your organization can stay ahead of email-borne threats with malware intelligence reports from Cofense.