PowerShell threats increased over 200% last year

A new McAfee report finds PowerShell attacks driven largely by Donoff malware.

The number of threats leveraging PowerShell grew 208% in the last quarter of 2020, according to a new report by cybersecurity firm McAfee.

The  McAfee Threats Report of April 2021 found the Q4 2020 increase was driven largely by Donoff malware. It also observed numerous PowerShell attacks using process injection to insert code into legitimate running processes as a privilege escalation technique. 

Mobile malware grew 118% in Q4 due in part to a surge in SMS Reg samples, according to the report. Researchers said HiddenAds, Clicker, MoqHao, HiddenApp, Dropper, and FakeApp strains were the most detected mobile malware families.

Ransomware also grew in volume between Q3 and Q4 driven by Cryptodefense. Researchers said that REvil, Thanos, Ryuk, RansomeXX, and Maze groups topped the overall list of ransomware families.

MacOS malware exploded by 420% in Q3 due to EvilQuest ransomware but returned to normal levels in Q4. Office malware surged 199% from Q3 to Q4, and new Linux malware increased 6% at the same time.

Related Resource

Taking a proactive approach to cyber security

A complete guide to penetration testing

A complete guide to penetration testing - whitepaper from CyberCxDownload now

The number of overall threats grew too. In Q3 2020, McAfee Labs observed an average of 588 threats per minute, an increase of 169 threats per minute (40%). By the fourth quarter, this average rose to 648 threats per minute, an increase of 60 threats per minute (10%). The firm also observed nearly 3.1 million external attacks on cloud user accounts.

Adam Philpott, EMEA President at McAfee, said the continued increase in threats is a harsh reminder of how quickly and effectively cyber criminals have taken advantage of COVID-19.

“As we emerge from the pandemic and look to navigate the new normal, it’s important that businesses reconsider their approach to security to ensure business resilience and their ability to mitigate increased cyber risk,” Philpott said.

Philpott added that his company’s research also saw increases in ransomware, malware, and PowerShell attacks, highlighting the importance of IT teams being aware of the wide variety of threats that could target their organizations.

“It is now critical that organizations go beyond the basics to create and maintain a secure environment. By effectively using technology to prioritize threats, predict the types of campaigns that will be launched against them and pre-emptively improve their defensive countermeasures, organizations can rest assured that they’re doing everything they can to protect their business,” Philpott added.

Featured Resources

Seven steps to connect and empower your frontline workers

How business leaders can improve communication with a secure platform

Free download

Create what’s next

The future of collaboration and productivity

Free Download

Leveraging the cloud without relinquishing control

Your data. Their cloud.

Free download

Re-architecting for nonstop innovation

Unlocking productivity, scalability, and lower costs for cloud natives

Free Download

Recommended

SMBs urged to update software ahead of Black Friday
e commerce

SMBs urged to update software ahead of Black Friday

25 Nov 2021
US adds dozen Chinese tech companies to trade blacklist
Policy & legislation

US adds dozen Chinese tech companies to trade blacklist

25 Nov 2021
Fifth of UK security pros discriminated against in 2021
Careers & training

Fifth of UK security pros discriminated against in 2021

23 Nov 2021
Wind turbine maker Vestas hit by cyber attack
cyber attacks

Wind turbine maker Vestas hit by cyber attack

22 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
How to speed up Microsoft's Windows 11
Microsoft Windows

How to speed up Microsoft's Windows 11

9 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021