The Growing Role of Malware-as-a-Service in Sophisticated Attacks

According to an article from Help Net Security, the landscape of cybersecurity threats is rapidly evolving. Cybercriminals are employing increasingly sophisticated techniques, including malware-as-a-service, to target vulnerabilities and bypass detection measures, paving the way for less technically proficient but more criminally inclined attackers to carry out complex, multistage attacks.

“The threat landscape continues to evolve, but new threats often build upon old foundations rather than replacing them,” comments Nathaniel Jones, Director of Strategic Threat and Engagement at Darktrace. “While we have observed the emergence of new malware families, many attacks are carried out by the usual suspects that we have seen over the last few years, still utilizing familiar techniques and malware variants.”

Malware-as-a-service is apparently here to stay. That underlines organizations’ need to leverage AI-driven security measures to detect abnormal activity in real time without prior knowledge of specific tactics and counter evolving threats.

Companies must monitor existing attack trends and common vulnerabilities and exposures. Between January and June 2024, the Darktrace Threat Research team implicated common vulnerabilities and exposures in 40% of the cases investigated.

Information-stealing malware accounted for 29% of early triaged investigations observed from January to June 2024. Trojans, a type of malware that downloads onto a computer disguised as a legitimate program, accounted for 15% of investigated threats, with remote access Trojans adding 12% more.