Sleeper Malware: The trojan horse of cybercrime

What is Sleeper Malware?

When most people think of cybercrime, they imagine clicking on a link in an email and a virus infecting their laptop, or being tricked into sharing personal information. It’s a quick decision – one click sometimes costs upwards of hundreds of thousands of pounds in damages. It’s brutal and it’s dangerous, but at least you can often pinpoint the thing that caused it, the very moment you slipped up and clicked on something you shouldn’t have.   

Sadly, that is no longer always the case. Recently, cyber-attacks have become increasingly difficult to identify. Malware attacks – caused by malicious software being downloaded and infecting a device – could once be linked back to a certain website or email. It was still a threat, but one that could be overcome if identified quickly.

Hackers quickly learned that to get the big payouts, they needed to up their game. So, they went away and did their research, coming back with an even bigger threat than before: sleeper malware.  

How does sleeper malware work and is it common?

Sleeper malware operates in much the same way as its more alert cousin, but with one key difference. It doesn’t attack straight away. Like a trojan horse, sleeper malware lies in wait on the device it has infected, timed to go off either on a specific date, or at the end of its countdown. Then when the time comes, it’s too late to identify where the threat has come from and too late to stop it.  

A local council recently discovered just how dangerous sleeper malware can be, when their systems were subject to a cyber-attack in late December last year. Many of their systems were compromised, including city planning, with a deal for a university campus expansion disrupted by the attack. This meant that feedback relating to the project had to be resubmitted and agreed plans were lost.  

Over three months later, the council is still trying to fix what happened. They have been forced to set aside over £630,000 to pay for damages caused by the attack, with the final costs expected to be even higher.  

No specific cause or source of the attack has been identified, likely because it can’t be. With sleeper malware, it’s a lot harder to trace back the software to wherever it came from – though as with all malware, the most likely culprit will have been a suspicious download, or an unfamiliar link.  

To remain vigilant against these attacks, always check that the source of the information you receive is reputable, and never click on a link or download unless you’re confident it’s secure. Watch out for prompts telling you ‘You must act now!’ or that something is urgent, and if in doubt, report your concerns to your IT department immediately.

Get in touch

If you’d like to find out more about how you can protect yourself or your organisation from cybercrime, Boxphish has the tools to help. At Boxphish, we are passionate about providing our users with the skills needed to identify and avoid cyber-attacks, reducing risk and protecting both the individual and the organisation. 

Our courses are extremely easy to use and do not eat into valuable work hours for your employees. Educate your employees on how to avoid the threat from cybercriminals via real-life phishing training and simulations. Boxphish provides an automated approach with rich insights to help you combat email-based cyber-attacks.

We use interactive training and real-world attack simulations to educate and train our users, with courses tailored to individual needs and industries. Click here to view our cyber security awareness training and book your demo today. 
