IntroductionWelcome to the McAfee® Labs Threats Report, December 2018. In this edition, we highlight the notable investigative research and trends in threats statistics and observations gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q3 of 2018.
We are very excited to present to you new insights and a new format in this report. We are dedicated to listening to our customers to determine what you find important and how we can add value. In recent months we have gathered more threat intelligence, correlating and analyzing data to provide more useful insights into what is happening in the evolving threat landscape. McAfee is collaborating closely with MITRE Corporation in extending the techniques of its MITRE ATT&CK™ knowledge base, and we now include the model in our report. We have just started to refine our process and reports. You can expect more from us, and we welcome your feedback.
Although the aftermath of takedowns of underground markets were still apparent in Q3, many other underground markets have eagerly filled the gaps. With the services on offer, the effectiveness of cybercriminals is increasing. During this quarter we also noticed greater activity from the GandCrab ransomware family. Using an affiliate program, demonstrating agile development, and mixing with other cybercrime services such as exploit kits have resulted in a big wave of attacks from this family.
The third quarter was also highlighted by major security conferences. Representatives of the McAfee Advanced Threat Research team shared insights from their research at several of these events. At DEF CON we demonstrated how an attacker could manipulate medical devices. During Black Hat USA, the team released research into code reuse by North Korean malware families that revealed previously undiscovered links.
We also welcomed many customers and partners as we shared our latest research at the McAfee MPOWER conferences in Las Vegas, Sydney, Tokyo, and Rome. During this quarter, we have stayed busy analyzing threats, welcoming new researchers to the team, and especially publishing our findings. You can read our results on our blogs page and our team’s page.We hope you enjoy the new format and we look forward to your reactions.