Cybersecurity firm Malwarebytes has released its annual “State of Malware” report, revealing that cyberattackers have shifted tactics and targets as a result of the COVID-19 pandemic. In particular, there was a marked increase in stalkerware across 2020.
With businesses forced to unexpectedly implement remote working policies, many did not have time to adopt the kinds of security safeguards that are found in an office environment. This has not gone unnoticed by cyberattackers. As well as a number of high-profile incidents, including the Marriot Hotels data breach and the SolarWinds supply chain attack, the use of tracking applications increased by 565% between January and December last year, while spyware detections rose by 1,055% across the same period.
Other notable threats to emerge against the backdrop of the pandemic include the Microsoft Office software cracker KMS, the banking malware Dridex, and the cryptocurrency mining strain BitCoinMiner. Ransomware also became more targeted last year, resulting in larger financial rewards. One particular ransomware group, known as REvil, or Sodinokibi, claimed to collect $100 million in 2020.
Shifting threats
Overall, although the number of malware incidents does not appear to be increasing, their sophistication is. Dangerous banking trojans, pre-installed mobile malware, and adware were all commonly seen throughout 2020 – many deliberately targeting individuals working remotely, away from corporate cyberdefences.
“This past year has taught us that cybercriminals are increasingly formidable, planning long-term, strategic, and focused attacks that are sometimes years in the making. 2020 continued to show us that no company is immune, and there is no such thing as ‘safe enough,’” Marcin Kleczynski, CEO of Malwarebytes, said.
“The COVID-19 pandemic compounded this with new challenges in securing remote workforces, making it essential that we quickly become more adaptable and learn how to better protect workers in any environment. While our total detections are down this year, we must remain vigilant. The threats we are seeing are more refined and damaging than ever before.”
There is some good news, however. The notorious malware strains known as Emotet and Trickbot are apparently ‘mostly’ dead, with detections falling by 89 and 69% respectively.