Report: Malware-as-a-Service Infections Biggest Threat to Organizations in Second Half of 2023
The 2023 End of Year Threat Report by Darktrace highlighted that Malware-as-a-Service (MaaS) infections were the biggest threat to organizations in the second half of 2023.
The report noted the cross-functional adaption of many malware strains, combining malware loaders like remote access trojans (RATs) with information-stealing malware, making them particularly dangerous to organizations due to their ability to harvest data and credentials without exfiltrating files, making detection harder.
One example highlighted in the report was ViperSoftX, an information stealer and RAT malware known to gather privileged information such as cryptocurrency wallet addresses and password information stored in browsers or password managers.
The report also noted an uptick in Ransomware-as-a-Service (RaaS) attacks in 2023, marking a shift away from conventional ransomware. The dismantling of the Hive ransomware group by law enforcement in January 2023 led to an increased proliferation of the ransomware marketplace, with the rise of ScamClub and AsyncRAT.
Darktrace predicted that more ransomware actors will employ double and triple extortion tactics next year, utilizing the growing availability of multi-functional malware.
The report also highlighted attackers using AI in phishing campaigns, with 65% of phishing emails observed by Darktrace last year successfully bypassing Domain-based Message Authentication (DMARC) verification checks and 58% of these messages passing through all existing security layers.
Hanah Darley, Director of Threat Research at Darktrace, commented on the evolving threats facing organizations, stating, “Throughout 2023, we observed significant development and evolution of malware and ransomware threats, as well as changing attacker tactics and techniques resulting from innovation in the tech industry at large, including the rise in generative AI. Against this backdrop, the breadth, scope, and complexity of threats facing organizations has grown significantly.”