A recent Darktrace analysis states that the largest threat to enterprises in the second half of 2023 was malware-as-a-service infections.
Many malware strains have become cross-functionally adaptive, as noted in the 2023 End of Year Threat Report.
This comprises the combination of information-stealing malware with malware loaders like remote access trojans.
Because these malicious tools may gather passwords and data without compromising files, which makes detection more difficult, they pose a special risk to enterprises.
One well-known instance of this was the information-stealing and remote access Trojan called ViperSoftX, which was designed to obtain sensitive data such as Bitcoin wallet addresses and passwords kept in password managers or browsers.
2020 saw the first recorded sighting of ViperSoftX in the wild strains discovered in 2022 and 2023 have more advanced detection evasion strategies and capabilities.
Another instance is the ransomware known as Black Basta, which spreads the Qbot banking virus to steal credentials.
Additional Transition to Ransomware-as-a-Service The research also noted a move away from traditional ransomware in 2023 with an increase in RaaS assaults.
It was reported that the ransomware market expanded after law enforcement dismantled the Hive ransomware gang in January 2023.
Among these was the emergence of ScamClub, a malvertising actor that sends false virus alerts to well-known news websites, and AsyncRAT, which has been targeting US infrastructure workers lately.
According to Darktrace's prediction, an increasing number of ransomware attackers are expected to utilize multi-functional malware and double and triple extortion tactics in the upcoming year.
According to the company, in 2024 the MaaS and RaaS ecosystems should continue to flourish, hence reducing the entry barrier for cybercriminals.
Attackers Incorporating AI into Phishing Schemes According to Darktrace, last year it saw threat actors use additional creative strategies to get beyond an organization's security measures.
This includes phishing and other increasingly successful email attacks that try to trick users into downloading dangerous payloads or divulging private information.
58% of phishing emails that Darktrace saw last year were able to get past all security measures in place, while 65% of the emails were able to effectively evade Domain-based Message Authentication verification checks.
According to the researchers, a lot of attackers are using generative AI technologies to automate the creation of more realistic phishing operations.
This Cyber News was published on www.cysecurity.news. Publication date: Thu, 08 Feb 2024 16:13:04 +0000