IoT Botnets and Infostealers Frequently Target Retail Sector

New research by Netskope Threat Labs has revealed that IoT botnets, remote access tools and infostealers were the key malware families deployed by attackers targeting the retail sector in the past year. The findings were revealed in a new report on the retail sector.

Retail has also undergone a shift in the past 12 months from predominantly Google Cloud-based applications towards Microsoft apps like Outlook. In last year’s report, Google applications were far more popular in the retail sector than in other industries, but over the past year the researchers have seen a resurgence of Microsoft’s popularity. This is particularly evident for storage with the gap between OneDrive and Google Drive widening over the past year, with the average percentage of users shifting from 43% to 51% for OneDrive and falling from 34% to 23% for Google Drive. Similar trends were observed with Outlook (21%) supplanting Gmail (13%) as the most popular email app.

Microsoft OneDrive remains the most popular cloud application for malware delivery across all sectors including retail. Attackers gravitate towards tactics that capitalise on users’ trust and familiarity with OneDrive, increasing the likelihood they will click on the links and download the malware. In retail, attacks via Outlook are more successful than in other sectors – retail sees twice as many malware downloads via Outlook (10%) as other industry averages (5%).

The research also found that botnets and trojans are targeting network devices. Specifically, the Mirai botnet family has increasingly been seen to target exposed networking devices running Linux such as routers, cameras, and other IoT devices in the retail environment. Similarly, remote access trojans (RAT) were popular as they allow access to browsers and remote cameras, sending information to attackers or receiving ..

Support the originator by clicking the read the rest link below.