Information security (infosec) analysts are seeing a major shift from modern ransomware strikes to old-fashioned Trojan attacks. According to the most recent edition of Microsoft’s Security Intelligence Report (SIR), hackers are using Trojan-style attacks more than ever, and this uptick in activity is largely due to an increase in potential vectors.
The infosec community describes attack vectors as the objects that malicious hackers can use to disguise malicious code or criminal intent. The very first Trojan attack is described in Ancient Greek mythology as part of conventional warfare; in terms of infosec, the first Trojan dates back to 1975, when a programmer developed a script that asked users questions about their favorite animal while code execution copied files across directories.
Dangers Hidden in Trojan Attacks
Whereas the most spectacular hacks that have made headlines over the last two years have been ransomware attacks against hospitals and even police departments, the Microsoft SIR study indicates that Trojan attacks on average users climbed by more than 57 percent over the second half of 2015.
In Windows computers and tablets, the following Trojans have been detected by SIR analysts:
- Win32/Colisi
- Win32/Dorv
- Win32/Dynamer
- Win32/Peals
- Win32/Skeeyah
- Win32/Spursint
Every other malware detection being reported by Microsoft’s security products these days is a Trojan. This is a major infosec concern due to the diversity of Trojan delivery methods.
New Avenues of Malware Attack
The new generation of Trojan attacks seeks to take advantage of the machine-to-machine (M2M) protocol, the Internet of Things (IoT) and smartphone assistants such as Apple Siri, Google Now, and Microsoft Cortana. Infosec researchers are also worried about smart home automation devices such as the Amazon Echo and Google Home.
One of the most worrisome attacks was recently reported by McAfee Labs and identified as Trojan Acecard. The attack surface, in this case, is an Android smartphone; the vector is a phishing script that invites victims to try a new app or a video, which in reality enables a script to run in the background. The next time the user accesses the Google Play digital marketplace, the malicious script prompts the user to take a selfie of their driver’s license and upload it for credit card verification. In reality, the selfie goes to attackers who will use it for identity theft.
Infosec analysts believe that the next wave of Trojans will target digital assistants and smart devices that users trust on a daily basis. For this reason, it is important to make sure that all computers, smartphones, tablets, laptops, and home networks are protected with antivirus software and internet security suites.