The volume of new malware threats hit a new high to average 688 threats per minute during the first quarter of 2021, new research has claimed.
The astonishing number of malware threats, which represents an increase of 40 threats/minute compared to the last quarter of 2020, emerged as part of McAfee’s analysis of the cybercriminal activity in Q1 2021.
McAfee also noticed threat actors changing their modus operandi, shifting away from low-return, mass-spread ransomware campaigns to instead focus their efforts on fewer, customized Ransomware-as-a-Service (RaaS) campaigns to target larger, more lucrative businesses.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
“We first saw them [cybercriminals] use ransomware to extract small payments from millions of individual victims. Today, we see Ransomware as a Service supporting many players in these illicit schemes holding organizations hostage and extorting massive sums for the criminals,” observed Raj Samani, McAfee fellow and chief scientist.
McAfee shares that by enabling attackers to launch unique attacks, RaaS affiliate networks also help the threat actors minimize the risk of detection.
As a result of this change in tactics, ransomware attacks, in terms of absolute numbers, declined by 50% in Q1 2021.
Based on McAfee’s analysis, despite the recent high profile campaigns from the DarkSide, such as the Colonial Pipeline attack, REvil was the most detected ransomware in Q1 2021, followed by the RansomeXX, Ryuk, NetWalker, Thanos, MountLocker, WastedLocker, Conti, Maze and Babuk strains.
The quarter also saw a 117% rise in the spread of cryptomining malware, which McAfee attributes to the availability of 64-bit mining apps. McAfee also observed several new strains of malware that are designed to exploit vulnerabilities in Internet of Things (IoT) devices like DVRs, webcams and routers to tie them into a botnet for use in DDoS attacks.