Interisle Consulting Group recently released its report (https://interisle.net/MalwareLandscape2021.html) studying six months of malware.
Based on 1.7 million malware reports collected from January 1, 2021 to June 30, 2021, the data showed that malware reports increased 63% in the first half of 2021. The findings come from an analysis of 1,686,033 malware reports, gathered during the six-month study period from four widely used and respected threat intelligence sources.
The key takeaways from the report are summarized below.
Principal Findings (credit: Interisle Malware Landscape 2021, https://interisle.net/MalwareLandscape2021.html):
Malware is growing rapidly – from approximately 72,000 to nearly 480,000 over our 6-month study period.
Malware that exploits Internet of Things (IoT) devices is the fastest growing malware.
99% of the records that we associated with IoT Malware were identified as Mozi malware.
The majority of malware reports identify or include IPv4 addresses rather than domain names.
Information stealers and ransomware account for 40% of malware that exploits endpoint devices.
Malware attackers use fewer domains but to great effect.
Domains registered in the new TLDs are disproportionately attractive to malware attackers.
Registrars with high malware domain counts tend also to have high phishing domain counts.
Malware attackers extensively misuse file sharing services, code repositories, and storage services.
M3AAWG offers a number of resources to help combat abuse, available in our best practices documents: https://www.m3aawg.org/published-documents