Current Malware Trends (2024)

Malware is any malicious software specifically designed to disrupt, damage, or gain unauthorized access to a computer system. Malwarebytes, a leading anti-malware software company, released a 2024 ThreatDown State of Malware report based on trends in malware throughout 2023. This article covers those trends and steps that can be taken by Dartmouth employees to prevent malware attacks. 

Malwarebytes 2024 ThreatDown State of Malware Report

  • In 2023, the United States accounted for almost half of all global ransomware attacks.
  • The average ransom demand has risen significantly, with the largest known demand being for $80 million following an attack on Royal Mail.
  • LockBit is the most widely used ransomware service provider, accounting for more than twice as many attacks as the second most widely used provider in 2023.
    • LockBit is malicious ransomware that blocks user access to computer systems until a payment is made.
  • Malicious advertising (malvertising) has made a comeback, tricking users into downloading malware onto their Windows and Mac devices in the form of fake advertisements impersonating major brands.
  • The top 5 most impersonated brands in 2023:
    1. Amazon
    2. Rufus
    3. Weebly
    4. Notepad++
    5. TradingView
  • The top 5 most abused hosts:
    1. Dropbox
    2. Discord
    3. 4sync
    4. GitLab
    5. Google

Top 5 most frequently discovered malware

  • Aurora Stealer
    • Commercial infostealer
    • Can grab browser passwords/cookies and cryptocurrency wallet info from desktop applications and web-based wallets
    • Can also take screenshots of files from a victim’s device
  • Vidar
    • Runs on Windows and can collect a wide range of sensitive data from browsers and digital wallets
    • One of the first “stealers” that grabs info on 2FA software
  • Redline Stealer
    • Malware available for sale on underground forums
    • Harvests info from browsers including saved credentials, autocomplete data, and credit card info
    • Also takes system inventory
  • BatLoader
    • Uses Google Ads and software impersonation (e.g. Adobe, Spotify, etc.) to deliver malware
  • IcedID
    • Banking trojan
    • Primary purpose: steal login credentials or user accounts at financial institutions

Malware trends by operating system

  • Android
    • Banking trojans - malware disguised as regular apps to copy banking passwords and steal money directly from accounts
    • 88,500 Android banking trojans detected in 2023
  • Macs
    • Demand for Macs has grown with Macs now representing 31% of US desktop operating systems, making them an increasingly popular target for malware attackers
  • Windows
    • Living off the Land attacks - malicious activities carried out using legitimate IT administration tools (e.g. PowerShell)
    • Windows Management Instrumentation (WMI) was the top technique for these cyberattacks in 2023, accounting for 27% of all Living off the Land attacks throughout the year

Tips to prevent malware attacks

  • Install and update security software
    • This includes anti-virus and anti-spyware programs, which you should use to scan and remove malware from your device regularly
  • Secure authentication practices
    • Use strong passwords and multi-factor authentication methods (see email security and authentication methods for more info)
  • Limit administrator account usage
    • Only utilize administrative privileges when necessary
  • Regularly update software
    • Including operating systems, browsers, and plug-ins
    • Validate and install software patches
  • Educate and monitor user behavior
    • This is more on the security team’s end, but users can also keep themselves educated about current malware threats, cybersecurity best practices, and how to recognize potential risks
  • Adopt the least-privilege model
    • Grant users the minimum access needed to complete their work
    • This will help reduce potential impact if an account is compromised by a malware attack
  • Implement email security measures
    • See email security article (coming soon!)
  • https://www.clouddefense.ai/how-to-prevent-malware-attacks/

Details

Article ID: 158933
Created: Wed 5/8/24 4:53 PM