Experts say the number of malware detections is declining, but it is still too early to celebrate.
The WatchGuard Technologies internet security report states that there has been a decline in the overall number of malware detections compared to the peaks recorded in the first half of 2021.
According to the report, endpoint detections decreased by 20%.
Follina wreaks havoc
While this may sound good in itself, there is more to it than meets the eye: “While the overall number of malware attacks in Q2 declined compared to record levels in previous quarters, more than 81% of detections were via TLS encrypted connections, continuing a worrying growth trend,” said Corey Nachreiner, Chief Security Officer at WatchGuard. “This may reflect cybercriminals changing tactics to rely on more elusive malware.”
Moreover, researchers say they have registered an increase in threats to Chrome and Microsoft Office. The most important incident this quarter was the Follina Office exploit, a vulnerability that allowed cybercriminals to run malicious code remotely with only minimal interaction from the victim. Reportedly, everyone from scammers looking for quick money to state actors has used Follina and is likely still using it today against unpatched endpoints.
At the same time, the number of malicious programs that use browsers increased by almost a quarter (23%). Chrome had it worse, experiencing a 50% increase. Most of the detections (87%) this quarter concerned malicious scripts.
Finally, WatchGuard believes that we should stay vigilant against the dreaded Emotet. Although it has shrunk since the last quarter, it remains “one of the biggest threats to network security”.
The researchers found that XLM.Trojan.abracadabra, a Win Code injector that spreads Emotet, appeared in both the top 10 malware detections and the top five encrypted malware detections this quarter.