Malware Report Jan 24

The Malware Digest

January saw a 173% increase in new malware sites hosted in India, with a welcome 41% decrease in the US. Mirai is back as the most common malware with 851 samples shared, and there are now 19,292 YARA rules available for hunting on YARAify! Read the full report.

All malware digests

January

Published 7 Feb 2024

January saw a 173% increase in new malware sites hosted in India, with a welcome 41% decrease in the US. Mirai is the most common malware with 851 samples shared, and there are now 19,292 YARA rules available for hunting on YARAify! 

December 2023

Published 9 Jan 2024

URLhaus experienced a surge in new malware sites hosted across the APAC region, including China (360%), Singapore (265%) and Taiwan (103%). Meanwhile, new entrant Socks5Systemz is #1 for samples shared. Find out more in December's malware report.

November 2023

Published 5 Dec 2023

This month saw an increase in active malware distribution sites across Central Europe. New October entrant ShadowPad dominated the ThreatFox Top 15s with a +459.82% increase. Meanwhile, YARAify scanned over 8 million distinct files! 

October 2023

Published 3 Nov 2023

October saw increases across 12 geolocations hosting new malware sites, most significantly India (181.82%) but the US is back at number one. Meanwhile, Cobalt Strike was associated with the largest number of IOCs. Read the full report here.

September

Published 6 Oct 2023

We saw the rise of the RATs this month, with NJRAT (+2129.56%) and RemcosRAT (+1392.49%) experiencing staggering increases, as well as new entrants AsyncRAT, QuasarRAT and BitRAT. Find out more in September's malware report.

August 2023

Published 6 Sept 2023

August saw an increase in new malware sites hosted in The Netherlands (284%) and Singapore (220%). Meanwhile, Mirai appears to be making a comeback, with an increase in distribution sites and malware samples shared.

July

Published 4 Aug 2023

This month saw a spike in new malware sites hosted in Bulgaria (almost 400%) and a welcome 55% decrease (finally!) in the US. New entrant DBatLoader contributed 22% of all IOCs shared via ThreatFox. Read the full report.

June

Published 6 Jul 2023

Another busy month for Qakbot: 61.4% of ALL malware sites shared on URLhaus and 4,150 IOCs shared on ThreatFox. Malware sites hosted in India are on the rise, with Indian network BSNL climbing to #1 host of malware distribution sites.

Published 6 Apr 2023

Together, Emotet and Qakbot were responsible for 38% of ALL malware sites shared on URLhaus, Mirai had the biggest growth across the board, and there are officially over 1 million IOCs shared on ThreatFox. Find the report here:

Published 3 Mar 2023

The U.S. experienced a 447% increase in the number of malware distribution sites it was hosting. Meanwhile, a familiar name returned with a vengeance: Qakbot, which was associated with the largest number of IOCs.

Published 3 Feb 2023

January saw an increase in new malware sites hosted in Russia (almost 200%!) and a 95% decrease in the US. We also saw a big increase in compromised hosts spreading Mirai.

Dec 2022

Published 5 Jan 2023

It was a busy month for Qakbot: ThreatFox saw 30,611 IOCs related to this malware threat. On the flip side, we are happy to celebrate 1k active hunting rules on MalwareBazaar!

Published 8 Dec 2022

Emotet is well and truly back! abuse.ch saw a 68% increase in Indicators of Compromise relating to this malware family - find more in November’s malware report.

Published 4 November 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.

Published 6 October 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.

Published 7 September 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.