Malware, Botnets And Exploit Use Expands In Q1 Says Nuspire

Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q1 2022 Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs), as well as provides data and insight into malware, exploit and botnet activity.

Nuspire’s data revealed a significant number of new vulnerabilities leading to increases in threat actor activity across all three of the threat classifications it studies: malware, botnets and exploits. Of note are several older botnets that saw a resurgence in Q1, including Mirai, STRRAT and Emotet. 

Mirai, known for co-opting IoT devices to launch DDoS attacks, showed a spike in activity in February 2022. This corresponded with the discovery of Spring4Shell, a zero-day attack on popular Java web application framework, Spring Core. The attack allows for unauthenticated remote code execution, and data show Mirai exploited this vulnerability to its botnet.

STRATT botnet, which engages in information stealing, keystroke logging, and credential harvesting from browsers and email clients, also spiked in February. This data corresponds with recent announcements identifying a new STRRAT phishing campaign. 

Additional notable findings from Nuspire’s Q1 2022 Threat Report include:

  • Incidences of malware, botnet and exploit activity increased 4.76%, 12.21% and 3.87% respectively over Q4 2021. 
  • Visual Basic Applications (VBA) trojans continue to be the top malware variant, comprising nearly 30% of all malware variants. Of note is its activity spiked just prior to Microsoft’s announcement of plans to block VBA macros by default on Office products. 
  • Brute force attacks – when threat actors guess different combinations of potential passwords until the correct password is discovered – were by far the most popular exploit at 61%. 

For those interested in getting an in-depth overview of the report, Nuspire is hosting a webinar this Thursday, May 12 at 2 p.m. ET, featuring the cybersecurity experts who compiled the research. You can register here

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: