The risk of cyber attacks is increasing more and more. In addition to the acute Java vulnerability Log4Shell, new malware variants are increasingly threatening the security of the company. […]
In total, six of the ten most common malware variants are new, the security experts at G Data write in a recent report. Last year, they identified more than 23.7 million different types of malware. Compared to 2020, this is an increase of more than 47 percent. “Cybercriminals continue to keep up the pace. They publish almost 65,000 new variants of their malware – that’s 45 new attack vectors per minute,“ the experts say.
The number of published malware variants is increasing (c) G DATA
Recently, Remote Access Trojans have accounted for a large part of the most common types of attacks. The security experts assume that cybercriminals combine different types of malware in order to increase their profit. For this, the attackers would not even have to develop the programs themselves, but only assemble the individual parts, says Tim Berghoff, Security Evangelist at G DATA CyberDefense. They would acquire the building blocks for this as malware-as-a-service in underground forums.
For example, criminals could use Emotet as a malware distributor for the initial infection. They could then use an information stealer such as Dridex to retrieve data from the company and end up encrypting the systems with a ransomware such as Shade.
Emotet ranks second in the top ten most common malware variants with 14.1 percent (c) G DATA
As part of an analysis, the cyber defense experts have identified the following ten most common types of malware:
- Dridex ( Information Stealer)
- Emotet ( Malware Distributor)
- Tofsee ( Bot)
- Bodelph ( Backdoor)
- Trickbot ( Malware Distributor)
- Bladabindi ( Remote Access Trojan)
- Shadow ( Ransomware)
- BlackShades ( Remote Access Trojan)
- AgentTesla ( Information Stealer)
- Pistol ( Dropper)
“The return of Emotet and vulnerabilities in systems that can be reached from the Internet are just two of the countless challenges that companies have to solve this year,” emphasizes Tim Berghoff. Those responsible would have to face reality and take precautions for an IT emergency, comparable to emergency plans for a fire, for example. “The probability of falling victim to a cyber attack is definitely higher than a fire in the office,” warns Berghoff. But those who prepare for it are able to act even in the worst case and are ready to use again faster.
*Julia Mutzbauer is a Junior Editor at CSO. Her main focus is security.