Understanding the Top Malware Threats of 2021
Chapter 1: Introduction to Malware Threats
Awareness of potential cybersecurity threats is crucial in today’s digital landscape. As organizations increasingly fall victim to cyber incidents, the importance of understanding these threats has come to the forefront. Law enforcement agencies continue to work tirelessly to track down cybercriminals, but the responsibility also lies with individuals and organizations to remain vigilant against such attacks.
In a recent advisory, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) identified the top malware families posing risks in 2021. This list encompasses various malware types that have evolved over the years, including banking trojans, remote access trojans, information stealers, and ransomware delivery systems.
The report highlights that many of these malware strains are specifically designed for cybercriminals to deploy ransomware or steal sensitive personal and financial data. Notably, TrickBot began as a banking trojan but has since transformed into modular malware that assists ransomware operations. The advisory also explores the evolution of these malware campaigns, including their funding and support mechanisms.
Chapter 2: The Top Malware Strains Identified
The advisory outlines the following significant malware strains, as classified by CISA and ACSC:
- Agent Tesla — Type: RAT | Active Since: 2014 | Delivery: Malicious attachments in phishing emails.
- AZORult — Type: Trojan | Active Since: 2016 | Delivery: Phishing, compromised websites, exploit kits, or via dropper malware.
- FormBook — Type: Trojan | Active Since: 2016 | Delivery: Email attachments in phishing campaigns.
- Ursnif — Type: Trojan | Active Since: 2007 | Delivery: Malicious email attachments.
- LokiBot — Type: Trojan | Active Since: 2015 | Delivery: Malicious attachments in emails.
- MOUSEISLAND — Type: Macro downloader | Active Since: 2019 | Delivery: Typically as an email attachment.
- NanoCore — Type: RAT | Active Since: 2013 | Delivery: ISO images in email, malicious ZIP files, or infected PDFs.
- Qakbot — Type: Trojan | Active Since: 2007 | Delivery: Email attachments, hyperlinks, or embedded images.
- Remcos — Type: RAT | Active Since: 2016 | Delivery: Malicious attachments in phishing emails.
- TrickBot — Type: Trojan | Active Since: 2016 | Delivery: Hyperlinks in emails.
- GootLoader — Type: Loader | Active Since: 2020 | Delivery: Malicious files on compromised high-ranking websites.
Chapter 3: Resources for Cybersecurity Awareness
For those looking to stay informed about emerging threats and effective countermeasures, several resources are available. The U.S. government's StopRansomware.gov serves as a centralized portal for ransomware-related information and alerts. Additionally, the ACSC publishes strategies for mitigating cybersecurity incidents and strongly recommends that organizations implement them.