New distribution of The email shop

asp .net hosting

Email Security for the Future of Work.” This is the name of the report they have publishedIDC Research Spain Y Anubis Networks, which can be downloaded here. It shows that more than 90% of security breaches have occurred using email as a transmission channel. Furthermore, nearly a third of these violations were due to phishing . Keep in mind that email has become the most used channel for primary communication in any organization. Therefore, it is also used for opportunistic and targeted attacks, being an important exit point for confidential content.

The document also confirms the boom in the deployment of email security solutions in public cloud mode . In fact, according to IDC, 51.6% of organizations are betting on cybersecurity solutions in the cloud. That is why, according to the report, exploring cloud-based email servers has become the most widely used attack vector. And it is both for attacks directed against a user or organization and for attacks against partners and customers of those organizations.

To Learn More Click: buy email address

Email security

On the other hand, the report states that organizations are increasingly driving the adoption of cloud email services. In fact, according to IDC data, 71% of Spanish companies have adopted solutions of this type and this trend is expected to continue throughout 2021.

Precisely, this consultancy considers that the security market is not alien to this evolution in the digitalization process of organizations. Thus, it foresees that in 2023 the security market in Europe will reach 10,540 million euros ; while in Spain it will reach 1,380 million euros in 2022 , with a compound growth of 6% for the period 2020-2022 . The document also confirms which will be the fastest growing segments: managed security services (27%), integration services (25%) and digital identity and trust services (4%).

To Learn More Click: asp .net hosting

Finally, the IDC Research Spain and Anubis Network report points out the importance for organizations of building a trusted network of partners, third-party services, and customers to prevent the spread of threats through the business ecosystem.

161 days. That is how long it has taken for The email shop malware to return to the present day after more than five months without showing signs of life. This has been revealed by researchers from the cybersecurity companyProofpoint, who have confirmed the return of this threat .

The email shop is a highly effective malware that is capable of downloading and installing a range of additional malware. In this way, it steals information, sends malicious emails, and spreads through networks that use infected devices to launch future attacks. The first versions of The email shop had a module that was used to commit bank fraud . This is why, for years, it was classified as a banking Trojan . However, later versions no longer loaded the module. Instead, they loaded third-party banking malware . Plus, it loads its modules for spam, credential theft, email harvesting, and local network broadcasting.

Redirigir la solicitud de IP a la URL del dominio: probar y solucionar el  problema canónico de IP

“The email shop is known to be a disruptive malware, and its return is significant,” says Sherrod DeGrippo, director of threat detection and research at Proofpoint. “The group associated with this threat often uses its metric-based infrastructure to assess the success and scale of the campaign, depending on what works. Of course, from the initial volume we have seen, this does not seem to be a test, although it is not new or novel. The email shop has been inactive for 161 days and has come back as if nothing had happened . For this, it has used similar to the previous ones, without taking advantage of current events such as COVID-19 or other issues linked to the pandemic, ”he points out.

To Learn More Click: mail365

New distribution of The email shop

So far, Proofpoint has detected the distribution on July 17 of almost a quarter of a million emails with The email shop , and the number continues to rise. The threat group, known as TA542 , appears to have targeted multiple verticals in the United States and the United Kingdom with English hooks. The messages contain malicious attachments in Microsoft Word format or URLs that link to Word documents. And usually these are hosted on compromised WordPress hosts.

The email shop malware sample

As on previous occasions, the hooks used in this campaign are simple and with minimal customization . In addition, they use themes in the subject such as “RE:” or “Invoice number”, followed by a false invoice number. They usually also include the name of the organization to which the mail is addressed.

Therefore, according to DeGrippo, “it is important that security teams continue to protect their email channel . Furthermore, they must educate users on the higher risks associated with potentially malicious attachments to protect themselves against this form of attack. Our research team will continue to monitor this actor and assess how The email shop changes his actions as a result of his recent resurgence, ”he concludes.