Australia among most malware-targeted countries


Instances of unique malware emerging worldwide have surged by 40 per cent since the end of 2023, figures from BlackBerry’s latest cyber threat intelligence report reveal.

Covering the three months to March 2024 (Q1), the cybersecurity vendor’s report observed an average of 7,500 unique malware samples per day targeting its customer base.

Overall, BlackBerry identified more than 630,000 malicious hashes in this period – a per-minute increase of over 40 per cent over the previous reporting period (September to December 2023).

This figure also represents a more than three-fold increase in unique malware since early 2023.

BlackBerry observed that unique, custom tools and tactics are increasingly being churned out by highly resourced threat actors, often in an effort to attack specific, high-value targets, like the CFO of a company.

Australia retained its ranking as the world’s fourth-most common recipient of unique malware, according to BlackBerry data, trailing only the US, Korea and Japan.

Critical infrastructure, which includes the financial services sector, was targeted in three out of five (60 per cent) malware attacks. Of these, financial services businesses were by far the biggest magnet for malware attacks, accounting for 45 per cent of unique malware hashes, followed by government entities (24 per cent), healthcare (12 per cent) and utilities (10 per cent).

Among the most common malware families targeting APAC’s critical infrastructure were LummaStealer, an infostealer that relies on Trojans and spam to propagate, and Vidar (VidarStealer), an older commodity infostealer which can bypass and access critical systems, which had a particularly deleterious impact on the region’s food and agriculture industries and energy sector.

VidarStealer also had an outsized impact on North America’s financial services sector.

Globally, the top three ransomware groups active this period were LockBit, Hunters International, and 8Base, first spotted in 2023 and noted by BlackBerry as “a particularly aggressive ransomware group”.

The top incident response categories identified by BlackBerry included network intrusion, insider misconduct, data leakage, and ransomware (representing one in ten incidents responded to by the cybersecurity developer).

“Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos,” BlackBerry’s vice president of threat research and intelligence Ismael Valenzuela said.

“In a year where over 50 countries are holding elections, geopolitical tensions are at an all-time high, and every nation will soon be fixated on the Olympic Games, the threat landscape can feel overwhelming to navigate.”

Based on its analysis, BlackBerry predicts that cyber threat actors will continue to increase not only in number but also in their ability to target high-value victims, particularly critical infrastructure providers.

“A rise in new ransomware and infostealers indicates that private data will continue to be highly sought after by threat actors, where sectors like healthcare and financial services will be top targets for attack.”