IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

PowerShell threats increased over 200% last year

A new McAfee report finds PowerShell attacks driven largely by Donoff malware.

The number of threats leveraging PowerShell grew 208% in the last quarter of 2020, according to a new report by cybersecurity firm McAfee.

The  McAfee Threats Report of April 2021 found the Q4 2020 increase was driven largely by Donoff malware. It also observed numerous PowerShell attacks using process injection to insert code into legitimate running processes as a privilege escalation technique. 

Mobile malware grew 118% in Q4 due in part to a surge in SMS Reg samples, according to the report. Researchers said HiddenAds, Clicker, MoqHao, HiddenApp, Dropper, and FakeApp strains were the most detected mobile malware families.

Ransomware also grew in volume between Q3 and Q4 driven by Cryptodefense. Researchers said that REvil, Thanos, Ryuk, RansomeXX, and Maze groups topped the overall list of ransomware families.

MacOS malware exploded by 420% in Q3 due to EvilQuest ransomware but returned to normal levels in Q4. Office malware surged 199% from Q3 to Q4, and new Linux malware increased 6% at the same time.

Related Resource

Taking a proactive approach to cyber security

A complete guide to penetration testing

A complete guide to penetration testing - whitepaper from CyberCxDownload now

The number of overall threats grew too. In Q3 2020, McAfee Labs observed an average of 588 threats per minute, an increase of 169 threats per minute (40%). By the fourth quarter, this average rose to 648 threats per minute, an increase of 60 threats per minute (10%). The firm also observed nearly 3.1 million external attacks on cloud user accounts.

Adam Philpott, EMEA President at McAfee, said the continued increase in threats is a harsh reminder of how quickly and effectively cyber criminals have taken advantage of COVID-19.

“As we emerge from the pandemic and look to navigate the new normal, it’s important that businesses reconsider their approach to security to ensure business resilience and their ability to mitigate increased cyber risk,” Philpott said.

Philpott added that his company’s research also saw increases in ransomware, malware, and PowerShell attacks, highlighting the importance of IT teams being aware of the wide variety of threats that could target their organizations.

“It is now critical that organizations go beyond the basics to create and maintain a secure environment. By effectively using technology to prioritize threats, predict the types of campaigns that will be launched against them and pre-emptively improve their defensive countermeasures, organizations can rest assured that they’re doing everything they can to protect their business,” Philpott added.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Microsoft to double salary budget to retain workers
Careers & training

Microsoft to double salary budget to retain workers

17 May 2022