STOCK TITAN
  1. Home
  2. News
  3. MCFE

McAfee Sees COVID-19-Themed Threats and Powershell Malware Continue to Surge

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Very Negative)
Tags
covid-19
Rhea-AI Summary

McAfee Corp. (Nasdaq: MCFE) presents the McAfee Threats Report: April 2021, highlighting significant cyber threats observed in late 2020. Notably, there was a 10% increase in threats, averaging 648 per minute in Q4. COVID-19-related attacks surged by 240% in Q3 and 114% in Q4. Malware threats, including a 208% increase in Powershell threats, and a 69% rise in ransomware were prominent. Additionally, the technology sector faced a 100% increase in reported cyber incidents in Q4.

Positive
  • Introduction of MVISION Insights enhances tracking of cyber threats and detection capabilities.
  • Increased awareness of cyber threats may strengthen demand for McAfee's cybersecurity solutions.
Negative
  • A 10% increase in threats shows a growing cybersecurity challenge for companies.
  • COVID-19-related cyber attacks increased significantly, indicating vulnerabilities in remote work setups.
  • Ransomware incidents rose 69%, showing a heightened risk for businesses.

McAfee Corp. (Nasdaq: MCFE), the device-to-cloud cybersecurity company, today released its McAfee Threats Report: April 2021, examining cybercriminal activity related to malware and the evolution of cyber threats in the third and fourth quarters of 2020. In Q4, McAfee Labs observed an average of 648 threats per minute, an increase of 60 threats per minute (10%) over Q3. The two quarters also saw COVID-19-related cyber-attack detections increase by 240% in Q3 and 114% in Q4, while Powershell threats again surged 208% due to continued increases in Donoff malware activity.

“The world—and enterprises—adjusted amidst pandemic restrictions and sustained remote work challenges, while security threats continued to evolve in complexity and increase in volume,” said Raj Samani, McAfee fellow and chief scientist. “Though a large percentage of employees grew more proficient and productive in working remotely, enterprises endured more opportunistic COVID-19 related campaigns among a new cast of bad-actor schemes. Furthermore, ransomware and malware targeting vulnerabilities in work-related apps and processes were active and remain dangerous threats capable of taking over networks and data, while costing millions in assets and recovery costs.”

Each quarter, McAfee assesses the state of the cyber threat landscape based on in-depth research, investigative analysis, and threat data gathered by the McAfee Global Threat Intelligence cloud from over a billion sensors across multiple threat vectors around the world. The introduction of MVISION Insights in 2020 has made it possible for McAfee to track the prevalence of campaigns, their associated IoCs, and determine the in-field detections. This month’s report is the first to feature statistics such as the top MITRE ATT&CK techniques observed in Q4 among criminal and APT groups, while sharing observations on the SUNBURST malware that rocked the cybersecurity world at the end of 2020.

COVID-19-Themed Threats

As organizations the world over adapted to unprecedented numbers of employees working from home, cybercriminals worked feverishly to launch COVID-19-themed attacks on a workforce coping with pandemic restrictions and the potential vulnerabilities of remote device and bandwidth security. As the pandemic began to surge around the world, McAfee saw a 605% increase in Q2 2020. These attacks again increased by 240% in Q3 and 114% in Q4.

Malware Threats

In Q3 2020, McAfee Labs observed an average of 588 threats per minute, an increase of 169 threats per minute (40%). By the fourth quarter, this average rose to 648 threats per minute, an increase of 60 threats per minute (10%).

  • Powershell threats grew 208% in Q4 driven largely by Donoff malware. McAfee observed numerous Powershell attacks utilizing Process Injection to insert code into legitimate running processes as a privilege escalation technique.
  • Mobile malware grew 118% in Q4 in part due to a surge in SMS Reg samples. The HiddenAds, Clicker, MoqHao, HiddenApp, Dropper and FakeApp strains were the most detected mobile malware families.
  • Ransomware grew in volume 69% from Q3 to Q4 driven by Cryptodefense. REvil, Thanos, Ryuk, RansomeXX and Maze groups topped the overall list of ransomware families.
  • MacOS malware exploded in Q3 420% due to EvilQuest ransomware but then slowed towards the end of the year.

Victims, Vectors & Vulnerabilities

Publicly Reported Incidents. McAfee tracked a 100% increase in publicly reported cyber incidents targeting the technology sector during the fourth quarter of 2020. Reported incidents in the public sector grew by 93% over the same period.

Attack Vectors. Malware was the most reported cause of security incidents in Q4 followed by account hijackings, targeted attacks and vulnerabilities. Incidents related to new vulnerabilities surged 100% in Q4, malware and targeted attacks each rose 43%, and account hijackings increased 30%.

Vulnerabilities Exploited. Among the campaigns McAfee monitored and investigated, the Eternal Blue exploit was the most prominent in Q4 2020.

MITRE ATT&CK Techniques

The top MITRE ATT&CK techniques observed by McAfee in Q3 and Q4 included System Information Discovery, Obfuscated Files or Information, File and Directory Discovery, Data Encryption for Impact, Stop Services, Process Injection, Process Discovery, Masquerading Techniques, and Exploits of Public Facing Applications.

  • System Information Discovery was one of the more notable MITRE techniques in the campaigns McAfee observed in Q4 2020. The malware in these campaigns contained functionality that gathered the OS version, hardware configuration and hostname from a victim’s machine and communicated back to the threat actor.
  • Obfuscated Files or Information was the second most observed technique for Q4. One noteworthy example was threat actor group APT28’s use of virtual hard drive (VHD) files to package and obfuscate their malicious payloads to bypass security technology.
  • Process Injection. McAfee observed this privilege escalation technique among several malware families and threat groups, including Powershell threats, RAT tools such as Remcos, ransomware groups such as REvil, and multiple state-sp

FAQ

What are the key findings from McAfee's April 2021 Threats Report?

The report indicates a 10% increase in cyber threats in Q4 2020, with 648 threats per minute on average.

How much did COVID-19-related cyber attacks increase in Q4 2020?

COVID-19-related attacks increased by 114% in Q4 2020.

What specific malware threats were identified in the report?

Powershell threats surged by 208%, and ransomware incidents increased by 69%.

How did the technology sector fare in terms of cyber incidents?

There was a 100% increase in reported cyber incidents targeting the technology sector in Q4 2020.

What role does MVISION Insights play in McAfee's threat analysis?

MVISION Insights allows McAfee to effectively track and analyze cyber threat campaigns and associated indicators.

Stock MCFE logo
MCFE

NASDAQ:MCFE

MCFE Rankings

N/A Ranked by Market Cap
N/A Ranked by Dividends

MCFE Latest News

May 23, 2024
McAfee’s ‘Safer Summer Travel Report’ Reveals Over 25% of Americans Affected by Travel Scams
Jun 27, 2022
TPG Appoints Gunther Bright as New Independent Director
Mar 1, 2022
Investor Group Led by Advent International and Permira Completes Acquisition of McAfee
Feb 24, 2022
New McAfee Global Research Shows Children and Teens Are More Vulnerable Than Ever to Sophisticated Mobile Threats
Jan 27, 2022
Indian Consumers Prioritize Protection Over Convenience McAfee India 2022 Trends Survey

MCFE Stock Data

4.89B
106.86M
Data Processing, Hosting, and Related Services
Information
Link