The number of detections of malware impacting businesses has grown dramatically over the past year, suggesting business malware is producing the biggest benefits for cybercriminals.
Not only did it find that overall business malware detections had increased by 79% from 2017, but also discovered that several types of malware attacks had climbed over 100%.
“The year 2018 was action-packed from start to finish,” said Adam Kujawa, Director of Malwarebytes Labs.
“It began with threat actors: diversifying their cryptomining tactics; broadening their reach to Android, Mac and cryptomining malware; and experimenting with new innovations in browser-based attacks.
“While cryptomining died down by the second quarter, a new set of threats took its place: information-stealers. Trojans, especially Emotet and TrickBot, were top business detections across verticals and around the globe.”
The attack types driving the climb in business malware
Businesses became the target of choice for attackers in the second half of 2018, as attackers made use of a variety of attack types.
Backdoor malware, which involves using backdoors in company systems to exploit security vulnerabilities, grew the most, by 173%.
Spyware, which allows attackers to acquire data undetected, also increased in prevalence by 142%.
Trojans, which package malware in legitimate software or files, climbed by 132%, while riskware tools, which are legitimate programs that are exploited to cause damage, grew by 126%.
“We experienced another very active year for malware that shows no signs of stopping,” said Marcin Kleczynski, Malwarebytes CEO.
“Attackers continued to shift their methodologies to follow the payload. We saw evidence of this with the strong focus on attacking businesses with insecure and unpatched networks. From massive data breaches to ransomware attacks, businesses are experiencing what consumers have been dealing with, but on a larger scale.”