The Malware Digest

In this report, we highlight malware trends utilizing data from abuse.ch’s open platforms. These collect, track and share resources relating to malware campaigns, including the URLs of malware distribution sites, malware samples, and indicators of compromise.

Each section gives a detailed look at who shared data and what was shared over the past month, showing possible trends in malware operations.

All malware digests

Published 3 Mar 2023

The U.S. experienced a 447% increase in the number of malware distribution sites it was hosting. Meanwhile, a familiar name returned with a vengeance: Qakbot, which was associated with the largest number of IOCs.

Published 3 Feb 2023

January saw an increase in new malware sites hosted in Russia (almost 200%!) and a decrease in the US of 95%. We also saw a big increase in compromised hosts spreading Mirai.

Dec 2022

Published 5 Jan 2023

It was a busy month for Qakbot: ThreatFox saw 30,611 IOCs related to this malware threat. On the flip side, we are happy to celebrate 1k active hunting rules on MalwareBazaar!

 
Published 8 Dec 2022

Emotet is well and truly back! abuse.ch saw a 68% increase in Indicators of Compromise relating to this malware family - find more in November’s malware report.

 
Published 4 November 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.

Published 6 October 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.

Published 7 September 2022

Using data from abuse.ch's platforms, the report gives an overview of malware campaigns, with insights into malware distribution sites, samples, IOCs & YARA rules.