BlackBox Connections Logo


Unit 203
70 Country Hills Landing
NW Calgary, AB T3K 2L2

Office Hours

Mon – Fri
8:00 – 5:00
Support 24hrs

Call us Today

587 355 1566

BlackBox Connections Logo Image

Call us Today

587 355 1566

2018 Malware Forecast

Jan 3, 2018

The Malware Forecast for 2018 has been released!


As we all know, ransom-ware is all around and so far the problem doesn’t seem to be going away.  During 2017, the hackers worked hard to prefect their techniques and did so with vigor.  This led to large global Malware outbreaks such as WannaCry, NotPetya and the most recent, Bad Rabbit.

Windows users seem to be the ones most hit hard by these attacks but clearly the hackers are targeting other platforms….including your mobile devices.  If you can remember not too long ago, there was ransom-ware attacking Android apps via Google Play and other online sources.

A study done by SophosLabs over a six-month period gave us an eye opening view of those attacks but thankfully the study also gave the opportunity to learn how organizations can cope during this stressful situation.

For the longest time the number one ransom-ware leader was Cerber, however they have been surpassed by WannaCry.  After being unleashed in May of 2017, WannaCry accounted for 45.3% of all ransom-ware tracked by SophosLabs, Cerber had accounted for 44.2%.

Apparently the rapid expansion had been due to the worm-like characteristics that both WannaCry and NotPetya have.  They seem to be able to replicate and continually scan and attack computers.  Bad Rabbit ransom-ware had indeed showed those same similarities and we can expect it to only continue as these cyber-criminals continue to build upon the past ransom-ware attacks and what they have learnt.

Back in June of 2017, NotPetya was the one causing damage for a short amount of time.  Initially it had been released through a Ukrainian Accounting Software Package, which did help with limiting the geographic that was hit, but it was eventually able to spread via the EternalBlue exploit…..similarly how WannaCry infected systems.

Considering that NotPetya had climbed and fell so quickly, it was still able to hurt plenty of businesses.  The suspicion was that cyber-criminals were experimenting or their goal was not ransom-ware but a more destructive attack like a data wiper.

Cerber, which is sold as a ransom-ware kit on the Dark Web is another dangerous threat that you need to stay away from!  This company makes money by charging the cyber-criminals who use it a percentage of each ransom they are paid.  They continually refine and update this software in order to be a step ahead of the security software.  Cerber is known to be an effective hacker tool and is readily available to the cyber-criminals who want it.

As mentioned earlier, the rise on Android ransom-ware increases every month.  In September of 2017, study showed a 30.37% increase of malware.  Import note on this is that Android ransom-ware is mainly found in non-Google Play markets, which is why it is important to pay attention and be cautious as to what apps you are downloading.

From the numbers, it is estimated that 10 million Android apps will be affected, which is up from the 2016 number of 8.5 million.

There are some important defense measures that you can take in order to protect yourself from being a victim of ransom-ware:

        • Back-up regularly and keep your recent back-up off-site to avoid any other ways that these files can be lost, such as fires, flood, theft, etc.
        • Unsolicited attachments.  We can often receive emails with attachments, but if you are unsure as to who has sent you the email, do not open.  Hackers are just waiting to see if you will and once you do….the trouble begins.
        • Remember to Patch early and often.  Malware usually comes via email, but for those times when it doesn’t, it is usually because it is hiding in popular applications, such as Microsoft Office, your browser, Flash and others.  So long as you patch, you can eliminate the open holes for the hackers to exploit.
        • By blocking the unauthorized encryption of files,Sophos Intercept X, can stop ransom-ware attacks in its place.
        • If you receive an attachment via email, do not enable macros.  Malware wants you to turn macros on and that is something you should not do!


If you are an Android user, here are some ways you can stay safe:

        • Google Play.  Stay using Google Play, while it is not perfect, the company does put a lot of effort into the prevention of malware before it arrives or purging it if they do find it in the Play Store.
        • New apps, these should be avoided if no one knows anything about them or if they have a low reputation.
        • Again we say, patch early & often!  If you buy a new phone, check to see when the vendor will have the updates and ensure you patch as soon as you can.


To read more on this 2018 Malware Forecast click here.

Quick Tips

Make sure you are running the latest software.

Remember to Patch early and often.

by BlackBox Connections

Topic:  2018 Malware Forecast