The hidden picture of malware attack trends
Despite the decline in network-detected malware in Q4 2022, endpoint ransomware spiked by 627%, while malware associated with phishing campaigns persisted as a threat, according to WatchGuard.
Despite seeing an overall decline in malware, further analysis from WatchGuard Threat Lab researchers looking at Fireboxes that decrypt HTTPS traffic found a higher incidence of malware, indicating malware activity has shifted to encrypted traffic.
"A continuing and concerning trend in our data and research shows that encryption - or, more accurately, the lack of decryption at the network perimeter - is hiding the full picture of malware attack trends," said Corey Nachreiner, CSO at WatchGuard.
Network-based malware detections dropped approximately 9.2% quarter over quarter during Q4. This continues a general decline in malware detections over the last two quarters.
Endpoint malware detections increased 22%. While network malware detections fell, endpoint detection rose in Q4. This supports the team's hypothesis of malware shifting to encrypted channels.
In browser malware detections, threat actors targeted Internet Explorer the most with 42% of the detections, followed by Firefox with 38%. Zero-day or evasive malware has dropped to 43% in unencrypted traffic.
News URL
https://www.helpnetsecurity.com/2023/04/06/malware-attack-trends-q4-2022/