Languagesx
English Deutsch
Subscribe
Home Stealthy hunter-killer malware rises by 333%, report reveals

Stealthy hunter-killer malware rises by 333%, report reveals

Stealthy hunter-killer malware rises by 333%, report reveals. Illustration of hooded hacker with red eyes behind security lock and red-tinter computer network in the background.
Stealthy hunter-killer malware rises by 333%, report reveals

There has been a significant surge in hunter-killer malware, with a 333% rise, according to the latest Picus Red Report.

The fourth edition of this annual report revealed insights from the analysis of over 600,000 real-world malware samples, pinpointing the most frequently used techniques by attackers. The study found a significant shift in the strategies of cyber attackers, notably the emergence of malware designed to actively seek out and disable security defenses.

“We are witnessing a surge in ultra-evasive, highly aggressive malware which shares the characteristics of hunter-killer submarines,” said Dr. Suleyman Ozarslan, Picus Security co-founder and vice president of Picus Labs. 

“Just as these subs move silently through deep waters and launch devastating attacks to defeat their targets’ defenses, new malware is designed to not only evade security tools but actively bring them down,” he added.

Dr. Ozarslan further explained the strategic pivot in cybercriminal behavior, attributing it to the significantly enhanced security measures of businesses and the advanced threat detection capabilities of widely used tools. He highlighted a notable shift from the past year, stressing, “A year ago, it was relatively rare for adversaries to disable security controls. Now, this behavior is seen in a quarter of malware samples and is used by virtually every ransomware group and APT group.”

How to deal with Hunter-killer malware

To deal with Hunter-killer malware, the security validation company urged organizations to embrace machine learning, protect user credentials, and consistently validate their defenses against the latest tactics and techniques used by cybercriminals.

According to Huseyin Can Yuceel, Security Research Lead at Picus Security, “It can be incredibly difficult to detect if an attack has disabled or reconfigured security tools, because they may still appear to be working as expected.” 

Yuceel reiterated, “Preventing attacks that would otherwise operate under the radar requires the use of multiple security controls with a defense-in-depth approach. Security validation must be a starting point for organizations to better understand their readiness and identify gaps.” 

He then warned that “unless an organization is proactively simulating attacks to assess the response of its EDR, XDR, SIEM, and other defensive systems that may be weakened or eliminated by Hunter-killer malware, they will not know they are down until it is too late.”

Other key findings of the Red Report 2024

The research also revealed that 70% of analyzed malware now employ stealth-oriented techniques by attackers, particularly those that facilitate evading security measures and maintaining persistence in networks. It spotted a noticeable 150% increase in the use of T1027 Obfuscated Files or Information, showcasing a hacker’s ability to conceal their malicious activities and hinder digital forensics and incident response efforts.

In addition to this, there has been a 176% surge in the use of ransomware or T1071 Application Layer Protocol. These malicious tools are strategically employed for data exfiltration, forming integral components of sophisticated double extortion schemes.

Featured image: Canva

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

tags
Suswati Basu
Tech journalist

Suswati Basu is a multilingual, award-winning editor and the founder of the intersectional literature channel, How To Be Books. She was shortlisted for the Guardian Mary Stott Prize and longlisted for the Guardian International Development Journalism Award. With 18 years of experience in the media industry, Suswati has held significant roles such as head of audience and deputy editor for NationalWorld news, digital editor for Channel 4 News and ITV News. She has also contributed to the Guardian and received training at the BBC As an audience, trends, and SEO specialist, she has participated in panel events alongside Google. Her…

Related News

UK criminalizes creation of sexually explicit deepfakes. An image featuring a woman's face split in two parts, one side revealing digital components, with a bold "DEEP FAKE" stamp across.
UK to criminalize creation of sexually explicit deepfakes
Suswati Basu
Side channel attack vulnerability found in Apple's M1 chip. The image depicts a microprocessor chip with visual overlays suggesting a security concern such as a cyber attack or system error. Words like "CYBER ATTACK," "SYSTEM ERROR," "HACKED!" and "SECURITY BREACH" are prominently displayed in red, implying the chip is experiencing a severe security vulnerability. Binary code patterns add to the digital theme.
Side channel attack vulnerability found in Apple’s M1 chip
Suswati Basu
Generated image: intelligence analysts at a cyber protection security agency look at multiple screens, their backs turned to viewer. A Union Jack Flag can be see on one screen as well as a map of the UK, cinematic
GCHQ: Are you smart enough to join the UK’s cyber intelligence agency?
Sophie Atkinson
Change Healthcare hack damage.
Change Healthcare hack continues to inflict major damage
Deanna Ritchie
Pegasus spyware US court orders maker to hand over code to WhatsApp. An illustration of a hand holding a smartphone with the WhatsApp logo displayed on the screen. The background features a stylized red Pegasus figure emerging from digital graphics that suggest cybersecurity, with icons representing user identity and lock symbols in a network-like pattern. The Pegasus and phone are overlaid on a dark backdrop with digital connections and cybersecurity elements.
Pegasus spyware: US court orders maker to hand over code to WhatsApp
Suswati Basu

Most Popular Tech Stories

Latest News

The Xbox Series X|S dashboard with AirPods
Gaming

How to connect AirPods to Xbox consoles
Jacob Woodward2 hours

If you’re a hardcore gamer, you’re likely using the top of the line headsets to hear every single footstep possible. However, if you’re a more casual player, maybe someone who...

Popular TopicsArrow right.svg

AI
AI
AR / VR
AR / VR
Cryptocurrency
Cryptocurrency
Gaming
Gaming
Smartphone
Smartphone
Gambling
Gambling
Wearables
Wearables
Web
Web

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.