Researchers at Slovakian internet research organisation ESET have discovered 10 previously undocumented malware families which mainly target industries in Canada, Vietnam and India.
These malware families were implemented as malicious extensions for Internet Information Services (IIS).
IIS is a web server software package designed by Microsoft for Windows servers. The tool provides web administrators with access to modify website options including details such as logging settings, security settings, website options and performance optimisations.
The malware targeted government mailboxes and e-commerce transactions, while distributing malware files simultaneously. The threats work by eavesdropping and tampering with the IIS server communications.
Apart from Canada, Vietnam and India, the cybercriminals also targeted United States, New Zealand and South Korea, among other countries.
The report’s telemetry said that there were more than 150,000 instances of the threat that were downloaded to Android devices between January 1 and July 1, 2021.
India was among the list of the most affected countries, among the likes of Ukraine, Kazakhstan, Russia, Vietnam, Mexico and the United States.
One of the prominent malwares go by the name of ‘Win/Filecoder.WannaCryptor’, which targets a certain EternalBlue vulnerability in systems. This was most frequently found in India, Indonesia, Thailand, China and Colombia, the report said.
Other malware names include Win/Filecoder.Sodinokibi, Win/Filecoder.Phobos, Win/Filecoder.Conti and Win/Filecoder.STOP.
“The share of spam in emails sent was highest in China (53.6%), followed by Vietnam, Singapore, Argentina and India, where between 20% and 30% of emails sent constituted spam,” the report said.
However, the report showed that there was a decline in cybercrime with respect to cryptomining and ransomware, declining by 14.3% and 7.7% respectively. But India, along with Russia Brazil and Argentina remains a hotspot for the ransomware owing to the size and number of android users.
ESET also pointed out that a malware known to target IoT devices, had infected close to 162,000 routers in India, out of close to 600,000 routers globally.
The most impacted were China with 334,401 devices being impacted, while Albania, Russia and Brazil had 22,300, 17,700 and 15,700 attacks respectively.