“Hunter-killer” Malware Surge Threatens Security

Picus Security’s Red Report reveals a significant increase in the number of incidents targeting corporate security in the past year. The report attributes this rise to the growing sophistication of attackers, who are now able to detect and neutralize modern security systems with ease.

Of particular concern is the emergence of “Hunter-killer” malware, which is specifically designed to disable corporate security systems. Picus Security reports a 333% increase in the use of such malware over the past 12 months.


“We are witnessing a surge in ultra-evasive, highly aggressive malware which shares the characteristics of hunter-killer submarines,” said Dr. Suleyman Ozarslan, Picus Security Co-founder and VP of Picus Labs. “Just as these subs move silently through deep waters and launch devastating attacks to defeat their targets’ defenses, new malware is designed to not only evade security tools but actively bring them down. We believe cybercriminals are changing tact in response to the security of average businesses being much-improved, and widely used tools offering far more advanced capabilities to detect threats. A year ago, it was relatively rare for adversaries to disable security controls. Now, this behavior is seen in a quarter of malware samples and is used by virtually every ransomware group and APT group.”

The report also highlights the growing use of stealth techniques by cybercriminals. 70% of the analyzed malware samples use such techniques, which makes it more difficult to detect and respond to attacks.

In response to these evolving threats, the report recommends that organizations adopt a layered approach to security. This should include the use of machine learning, strong user authentication, and regular security testing.

In addition, organizations should focus on creating a culture of cybersecurity awareness among their employees. This will help to reduce the risk of human error, which is often a major factor in successful cyberattacks.