Stalkerware attacks saw 'staggering' rise in 2020

Stalkerware
(Image credit: Shutterstock.com / New Africa)
Audio player loading…

Cybersecurity firm Malwarebytes (opens in new tab) has released its annual “State of Malware (opens in new tab)” report, revealing that cyberattackers have shifted tactics and targets as a result of the COVID-19 pandemic. In particular, there was a marked increase in stalkerware across 2020.

With businesses forced to unexpectedly implement remote working policies, many did not have time to adopt the kinds of security safeguards that are found in an office environment. This has not gone unnoticed by cyberattackers. As well as a number of high-profile incidents, including the Marriot Hotels data breach (opens in new tab) and the SolarWinds (opens in new tab) supply chain attack, the use of tracking applications increased by 565% between January and December last year, while spyware detections rose by 1,055% across the same period.

Other notable threats to emerge against the backdrop of the pandemic include the Microsoft Office (opens in new tab) software cracker KMS, the banking malware Dridex, and the cryptocurrency mining (opens in new tab) strain BitCoinMiner. Ransomware also became more targeted last year, resulting in larger financial rewards. One particular ransomware group, known as REvil, or Sodinokibi, claimed to collect $100 million in 2020.

Shifting threats

Overall, although the number of malware incidents does not appear to be increasing, their sophistication is. Dangerous banking trojans, pre-installed mobile (opens in new tab) malware, and adware were all commonly seen throughout 2020 – many deliberately targeting individuals working remotely, away from corporate cyberdefences.

“This past year has taught us that cybercriminals are increasingly formidable, planning long-term, strategic, and focused attacks that are sometimes years in the making. 2020 continued to show us that no company is immune, and there is no such thing as ‘safe enough,’” Marcin Kleczynski, CEO of Malwarebytes, said. 

“The COVID-19 pandemic compounded this with new challenges in securing remote workforces, making it essential that we quickly become more adaptable and learn how to better protect workers in any environment. While our total detections are down this year, we must remain vigilant. The threats we are seeing are more refined and damaging than ever before.”

There is some good news, however. The notorious malware strains known as Emotet and Trickbot are apparently ‘mostly’ dead, with detections falling by 89 and 69% respectively.

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.