Experts say the number of malware detections is on the decline, but it's too early to celebrate.
A report on Internet security by WatchGuard Technologies says that overall malware detections have declined compared to the peak seen in the first half of 2021.
According to the report, endpoint detections overall decreased by 20%.
Follina wreaks havoc
While this in itself may sound like a good thing, there is more to it than meets the eye: “While total malware attacks in the second quarter were down more than 81% from the all-time highs seen in previous quarters detections occurred over TLS-encrypted connections, continuing an alarming upward trend,” said Corey Nachreiner, chief security officer at WatchGuard. “This may reflect threats changing their tactics to rely on more elusive malware.”
In addition, researchers say they recorded an increase in threats to Chrome and Microsoft Office. The top incident of the quarter was the Follina Office exploit, a flaw that allowed threat actors to run malicious code remotely with nothing more than minimal interaction from the victim. Allegedly, everyone from crooks looking for a quick buck to government officials has used Follina and is likely still using it today against unpatched endpoints.
At the same time, malware exploits against browsers increased by almost a quarter (23%). Chrome fared worse, experiencing a 50% spike. Malicious scripts accounted for the majority of detections (87%) for the quarter.
Finally, WatchGuard believes that we should not let our guard down against the dreaded Emotet. Although its volume has decreased since last quarter, it remains “one of the biggest threats to network security.”
The researchers concluded that one of the top 10 detections overall and top 5 encrypted malware detections for the quarter was XLM.Trojan.abracadabra, a Win Code injector distributed by Emotet.