Research Reveals LockBit Ransomware Surges While Android Droppers Emerge as Top Business Threat

Malwarebytes State of Malware report warns against ransomware gang behind one-third of all attacks and the trojan horse of apps lurking in IT environments

Malwarebytes, a global leader in real-time cyber protection, recently announced the release of its annual cybersecurity trend and threat intelligence report: 2023 State of Malware. The report shares key cybersecurity developments of 2022 and explains why organizations that protect against the five most dangerous cyberthreat archetypes today will be better secured this year.

“In today’s rapid-fire threat landscape, under-resourced organizations often struggle with where to focus their time, attention, and resources,” said Mark Stockley, Cybersecurity Evangelist, Malwarebytes. “This report acts as a guide to those organizations by focusing their limited time on a small number of critical threats across Windows, Mac, and Android. If organizations can understand what it takes to prevent these threats, they are well placed to stop a huge number of other attacks as well.”

Key findings from the report include:

  • LockBit: The Most Dominant Ransomware – LockBit rose to dominance in 2022 and accounted for about one-third of all known ransomware-as-a-service (RaaS) attacks, more than three times as many known attacks as the next most active ransomware, ALPHV.
  • SocGholish: Simple but Effective – Using websites to spread, rather than attachments, software vulnerabilities, or brute force attacks, the threat comes disguised as a critical browser update. Malwarebytes found that SocGholish performs eligibility checks to ensure it is only triggered by legitimate targets and uses lures and malware meant to attract individual targets.
  • Android Droppers: Businesses’ Biggest Threat – Droppers, trojan horses that disguise themselves as innocent apps, can be used to deliver pernicious threats like HiddenAds, which bombards users with aggressive ads, banking trojans like SharkBot, and spy malware that harvests passwords and geolocation, records audio, and even takes pictures. In 2022, droppers accounted for 14% of detections on Android.
  • Genio: The Mac Menace – Malwarebytes tracks tens of millions of detection events for Mac adware and potentially unwanted programs (PUPs), but the worst is OSX.Genio. In 2022, it was the second most common detection on Macs, appearing on 10 percent of all machines that triggered a detection event.

Learn more about the report and how businesses can protect themselves:

  • LinkedIn Live on February 23 at 11am PT – Join Cybersecurity Evangelist, Mark Stockley, as he breaks down the five most dangerous threats facing businesses this year – including LockBit and SocGholish. Stockley will dissect how the threats are delivered, where they spread, what they destroy, and the best practices to protect against them.
  • ThreatDown Webinar on March 15 – Jérôme Segura, Senior Director of Threat Intelligence, and Cybersecurity Evangelist, Mark Stockley, provide a breakdown of the top five cyberthreat archetypes to stop this year and share guidance on how to catch the emerging, hard-to-detect attacks that don’t rely on malware.
