The volume of new malware (opens in new tab) threats hit a new high to average 688 threats per minute during the first quarter of 2021, new research has claimed.
The astonishing number of malware threats, which represents an increase of 40 threats/minute compared to the last quarter of 2020, emerged as part of McAfee (opens in new tab)’s analysis of the cybercriminal activity in Q1 2021.
McAfee also noticed threat actors changing their modus operandi, shifting away from low-return, mass-spread ransomware (opens in new tab) campaigns to instead focus their efforts on fewer, customized Ransomware-as-a-Service (RaaS) campaigns to target larger, more lucrative businesses.
- These are the best endpoint protection tools (opens in new tab)
- Here are the best ransomware protection tools (opens in new tab)
- Check our list of the best firewall apps and services (opens in new tab)
“We first saw them [cybercriminals] use ransomware to extract small payments from millions of individual victims. Today, we see Ransomware as a Service supporting many players in these illicit schemes holding organizations hostage and extorting massive sums for the criminals,” observed Raj Samani, McAfee fellow and chief scientist.
Threat landscape
McAfee shares that by enabling attackers to launch unique attacks, RaaS affiliate networks also help the threat actors minimize the risk of detection.
As a result of this change in tactics, ransomware attacks, in terms of absolute numbers, declined by 50% in Q1 2021.
Based on McAfee’s analysis, despite the recent high profile campaigns from the DarkSide, such as the Colonial Pipeline attack (opens in new tab), REvil was the most detected ransomware in Q1 2021, followed by the RansomeXX, Ryuk, NetWalker, Thanos, MountLocker, WastedLocker, Conti, Maze and Babuk strains.
The quarter also saw a 117% rise in the spread of cryptomining (opens in new tab) malware, which McAfee attributes to the availability of 64-bit mining apps. McAfee also observed several new strains of malware that are designed to exploit vulnerabilities in Internet of Things (IoT (opens in new tab)) devices like DVRs (opens in new tab), webcams (opens in new tab) and routers (opens in new tab) to tie them into a botnet for use in DDoS attacks (opens in new tab).
- Protect your devices with these best antivirus software (opens in new tab)