In its annual “State of Malware” report, endpoint protection solutions company, MalwarebytesTM, showed that Mac threats are growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats.
In addition, Malwarebytes saw cybercriminals continuing to focus on business targets with a diversification of threat types and attack strategies in 2019.
Trojan-turned-botnets Emotet and TrickBot made a return in 2019 to target organizations alongside new ransomware families, such as Ryuk, Sodinokibi and Phobos. In addition, a wave of new hack tools and registry key disablers made a splashy debut in Malwarebytes’ top detections, reflecting greater sophistication used by today’s business-focused attackers.
Adware was particularly problematic for consumers and businesses on Windows, Mac and Android devices, deploying aggressive techniques for serving up advertisements, hijacking browsers, redirecting web traffic and proving extremely difficult to uninstall.
“A rise in pre-installed malware, adware and multi-vector attacks signals that threat actors are becoming more creative and increasingly persistent with their campaigns,” said Marcin Kleczynski, CEO of Malwarebytes. “It is imperative that, as an industry, we continue to raise the bar in defending against these sophisticated attacks, actively protecting both users and businesses by flagging and blocking all programs that may violate their privacy, infect their devices, or even turn the infrastructure they depend on against them.”
Key findings from the report include:
- Mac threats significantly ramp up: Malwarebytes detected an average of 11 threats per Mac endpoint in 2019—nearly double the average of 5.8 threats per endpoint on Windows. Overall Mac threats increased by more than 400%, year-over-year.
- Business detections continued to rise: In 2019, global business threats rose 13%to about 9.6 million detections.
- HackTools triumph: With consumer detections of HackTools up 42%, this is a threat to watch in 2020, bolstered by families such as MimiKatz, which also targeted businesses.
- Dynamic duo does damage: TrickBot and Emotet once again reigned globally, targeting businesses heavily in the last year. Emotet was Malwarebytes’ second-most detected threat against businesses in 2019. Meanwhile, TrickBot saw enormous growth, with business detections on-the-rise by 52%, year-over-year.
- Ransomware is rampant: Ransomware targeted cities, schools and healthcare organizations with increased vigor in 2019. Newer ransomware families saw the highest growth, with Ryuk business detections up by 543%, year-over-year, and Sodinokibi increasing by 820% since its introduction in May 2019.
- Beware of adware: Adware increased 13 percent, year-over-year, for consumers and 463 percent for businesses. Seven of the 10 top consumer threat families were adware variants, as well as five of the top 10 business threat families.
- Pre-installed malware became pervasive: Malwarebytes’ top-rated mobile threat in 2019 was a team of pre-installed potentially unwanted program (PUP) variants that combined for 321,103 detections. These auto installers ship with Android devices and are used to update the phone’s firmware—but they also take and sell personal information.
- Just keep skimming: Credit card skimmers, or Magecart, were one of the most prevalent web threats in 2019. Malwarebytes predicts that Magecart activity will continue in 2020 with more e-commerce platforms targeted.
- Key targets shift: The services sector leapfrogged over education and retail, snagging the top spot for industries impacted by threats in 2019. Notably this includes managed service providers (MSPs), which are being leveraged to take advantage of their network of clients.
For more detailed analysis of the above threats and findings, as well as 2020 predictions, please view the comprehensive State of Malware report here: https://blog.malwarebytes.com/reports/2020/02/malwarebytes-labs-releases-2020-state-of-malware-report/