With remote work becoming the new normal, organizations globally are getting used to securing work devices virtually. While the working community adapted to the new working conditions, cybercriminals also ditched their old tactics and tried new hacking techniques to target the remote workforce.
Adversaries are leveraging specially crafted malware or spyware to infect end-user devices like laptops, smartphones, and Internet of Things (IoT) devices, to pilfer sensitive corporate data. Research from Malwarebytes found a major change in the devices targeted and strategies deployed by threat actors. The 2021 State of Malware Report revealed that the use of tracking applications rose by 565% in 2020, while spyware app detections increased across the same period by 1,055%.
While regular culprits like Adware, Trojans, and cryptocurrency miners declined in 2020, there was a huge spike in HackTools, Spyware, and other malware designed to compromise and harvest users’ sensitive information.
“In tandem with exploiting fear, cybercriminals sought to gather intelligence about targets. That meant deploying various information-gathering tools through malicious phishing attacks. During this time, threat actors leaned heavily on information stealers, Spyware, and tools that collected information about victims’ systems,” Malwarebytes said.
According to the report, during 2020 cybercriminals focused on:
- Exploiting public fear of the COVID-19 pandemic.
- Gathering intelligence through phishing attacks, information stealers, and spyware.
- Upgrading existing malicious tools like Trickbot and brute force attacks.

Other findings from the report:

- Malware detections on Windows business computers decreased by 24% overall, but detections for HackTools and Spyware on Windows increased dramatically — by 147% and 24%, respectively.
- Mac detections decreased by 38%, though Mac detections for businesses increased by 31%.
- Malware accounted for just 1.5% of all Mac detections in 2020 — the rest can be attributed to Potentially Unwanted Programs (PUPs) and Adware.
- Among the top five threats for both businesses and consumers were the Microsoft Office software cracker KMS, the banking malware Dridex, and Bitcoin Miners; business detections for KMS and Dridex rose by 2,251% and 973%, respectively.
- Detections for the most notorious business threats Emotet and Trickbot fell this year by 89% and 68% respectively, although the operators behind these threats still pulled off several big attacks in 2020.
- New ransomware called Egregor came onto the scene in late 2020, deployed in attacks against Ubisoft, K-Mart, Crytek, and Barnes & Noble.
“Malicious actors no longer need to be experts at crafting the whole chain of their attacks. The process can be broken up into chunks and these can be refined and perfected. This leaves malware authors to concentrate on making more effective malware, while malware distributors work to improve their networks, all while still making a profit and running their businesses,” Malwarebytes added.