February 23, 2023

Research Reveals LockBit Ransomware Surges While Android Droppers Emerge as Top Business Threat

Malwarebytes State of Malware report warns against ransomware gang behind one-third of all attacks and the trojan horse of apps lurking in IT environments

Santa Clara, Calif. – February 23, 2023 – Malwarebytes™, a global leader in real-time cyber protection, announced the release of its annual cybersecurity trend and threat intelligence report: 2023 State of Malware. The report shares key cybersecurity developments of 2022 and explains why organizations that protect against the five most dangerous cyberthreat archetypes today will be better secured this year.

“In today’s rapid-fire threat landscape, under-resourced organizations often struggle with where to focus their time, attention, and resources,” said Mark Stockley, Cybersecurity Evangelist, Malwarebytes. “This report acts as a guide to those organizations by focusing their limited time on a small number of critical threats across Windows, Mac, and Android. If organizations can understand what it takes to prevent these threats, they are well placed to stop a huge number of other attacks as well.”

Key findings from the report include:

  • LockBit: The Most Dominant Ransomware – LockBit rose to dominance in 2022 and accounted for about one-third of all known ransomware-as-a-service (RaaS) attacks, more than three times as many known attacks as the next most active ransomware, ALPHV.
  • SocGholish: Simple but Effective – SocGholish spreads through websites, rather than attachments, software vulnerabilities, or brute force attacks, and comes disguised as a critical browser update. Malwarebytes found that SocGholish performs eligibility checks to ensure it is only triggered by legitimate targets, and that it uses lures and malware meant to attract individual targets.
  • Android Droppers: Businesses’ Biggest Threat – Droppers, trojan horses that disguise themselves as innocent apps, can be used to deliver pernicious threats like HiddenAds that bombard users with aggressive ads, banking trojans like ShareBot, and spy malware that can harvest passwords and geolocation, record audio, and even take pictures. In 2022, droppers accounted for 14% of detections on Android.
  • Genio: The Mac Menace – Malwarebytes tracks tens of millions of detection events for Mac adware and potentially unwanted programs (PUPs), but the worst is OSX.Genio. In 2022, it was the second most common detection on Macs, appearing on 10 percent of all machines that triggered a detection event.

Learn more about the report and how businesses can protect themselves:

  • LinkedIn Live on February 23 at 11am PT – Join Cybersecurity Evangelist, Mark Stockley, as he breaks down the five most dangerous threats facing businesses this year – including LockBit and SocGholish. Stockley will dissect how the threats are delivered, where they spread, what they destroy, and the best practices to protect against them.
  • ThreatDown Webinar on March 15 – Jérôme Segura, Senior Director of Threat Intelligence, and Cybersecurity Evangelist, Mark Stockley, provide a breakdown of the top five cyberthreat archetypes to stop this year and share guidance on how to catch the emerging, hard-to-detect attacks that don’t rely on malware.

To read more about the latest threats and cyber protection strategies, visit our newsroom, or follow us on Facebook, Instagram, LinkedIn, TikTok and Twitter.

About Malwarebytes
Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, Malwarebytes’ award-winning endpoint protection, privacy and threat prevention solutions and its world-class team of threat researchers protect millions of individuals and thousands of businesses across the globe. The effectiveness and ease-of-use of Malwarebytes solutions are consistently recognized by independent third parties including MITRE Engenuity, MRG Effitas, AVLAB, AV-TEST (consumer and business), Gartner Peer Insights, G2 Crowd and CNET. The company is headquartered in California with offices in Europe and Asia. For more information and career opportunities, visit https://www.malwarebytes.com.
