PowerShell threats increased over 200% last year
A new McAfee report finds PowerShell attacks driven largely by Donoff malware.
The number of threats leveraging PowerShell grew 208% in the last quarter of 2020, according to a new report by cybersecurity firm McAfee.
The McAfee Threats Report of April 2021 found the Q4 2020 increase was driven largely by Donoff malware. It also observed numerous PowerShell attacks using process injection to insert code into legitimate running processes as a privilege escalation technique.
Mobile malware grew 118% in Q4 due in part to a surge in SMS Reg samples, according to the report. Researchers said HiddenAds, Clicker, MoqHao, HiddenApp, Dropper, and FakeApp strains were the most detected mobile malware families.
Ransomware also grew in volume between Q3 and Q4 driven by Cryptodefense. Researchers said that REvil, Thanos, Ryuk, RansomeXX, and Maze groups topped the overall list of ransomware families.
MacOS malware exploded by 420% in Q3 due to EvilQuest ransomware but returned to normal levels in Q4. Office malware surged 199% from Q3 to Q4, and new Linux malware increased 6% at the same time.
The number of overall threats grew too. In Q3 2020, McAfee Labs observed an average of 588 threats per minute, an increase of 169 threats per minute (40%). By the fourth quarter, this average rose to 648 threats per minute, an increase of 60 threats per minute (10%). The firm also observed nearly 3.1 million external attacks on cloud user accounts.
Adam Philpott, EMEA President at McAfee, said the continued increase in threats is a harsh reminder of how quickly and effectively cyber criminals have taken advantage of COVID-19.
“As we emerge from the pandemic and look to navigate the new normal, it’s important that businesses reconsider their approach to security to ensure business resilience and their ability to mitigate increased cyber risk,” Philpott said.
Philpott added that his company’s research also saw increases in ransomware, malware, and PowerShell attacks, highlighting the importance of IT teams being aware of the wide variety of threats that could target their organizations.
“It is now critical that organizations go beyond the basics to create and maintain a secure environment. By effectively using technology to prioritize threats, predict the types of campaigns that will be launched against them and pre-emptively improve their defensive countermeasures, organizations can rest assured that they’re doing everything they can to protect their business,” Philpott added.
Meeting the future of education with confidence
How the switch to digital learning has created an opportunity to meet the needs of every student, always

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana
Cost savings and business benefits
