concept

malware

Facts (21)

Sources
Cybersecurity Trends and Predictions 2025 From Industry Insiders itprotoday.com ITPro Today 16 facts
claim: Steve Povolny, senior director of Security Research & Competitive Intelligence and co-founder of TEN18 by Exabeam, predicts that generative AI models trained to create malicious code will emerge in underground markets, allowing individuals without coding skills to deploy ransomware, spyware, and other malware.
claim: John Bennett, CEO of Dashlane, claims that cybercriminals are leveraging AI to create highly personalized and harder-to-detect malware and phishing schemes.
claim: Attackers are adopting a 'long-con' approach to the software supply chain, where they build a false reputation as good-faith actors over a long period rather than executing immediate point attacks.
measurement: Mobile users who engage in sideloading applications are 200% more likely to have malware running on their devices compared to users who do not sideload applications, according to Zimperium's zLabs researchers.
claim: Attackers may exploit vulnerabilities in proprietary foundational models to command the models themselves, potentially embedding malware or exploiting lesser-known attack surfaces in the model's feature space.
measurement: Riskware and trojans are the most common malware families found on mobile devices, accounting for 80% of the malware observed in Zimperium's 2024 Global Mobile Threat Report.
claim: While the ultimate goal of cybercriminals (making money) has remained consistent, the tactics and techniques used in the attack chain to entice victims to download malware or issue payments are evolving rapidly.
claim: AI agents are susceptible to both malware and identity-based attacks simultaneously.
claim: Future AI-driven malware is anticipated to be capable of learning and adapting in real-time during an attack.
claim: AI-powered attack techniques, including autonomous malware, social engineering, data exfiltration, and credential stuffing, are becoming significantly harder to detect than traditional threats.
claim: Bad actors are increasingly using AI to create more convincing phishing emails, automate the discovery of vulnerabilities, and develop malware that evades detection by traditional security tools.
measurement: Zimperium's Mobile Banking Heist Report found that in 2023, 29 malware families targeted 1,800 mobile banking apps, with several showing early-stage ransomware capabilities.
reference: Infostealers are lightweight malware programs designed to scrape sensitive data, such as credentials and cookies, which are subsequently sold on underground marketplaces.
measurement: The Thales 2024 Data Threat Report states that 41% of enterprises faced malware-related breaches in 2023.
claim: Multimodal AI-driven cyber attacks will encompass target profiling, phishing content creation (including vishing), zero-day exploit discovery, malware generation, infrastructure deployment, lateral network movement, and data exfiltration.
claim: Attackers may compromise or impersonate reputable maintainers to infiltrate the software supply chain and distribute malware through trusted sources.
Rethinking Espionage in the Modern Era cjil.uchicago.edu Chicago Journal of International Law 3 facts
claim: Cyber espionage capacities are cheaper to invest in than traditional espionage tools because malware and similar information-retrieval tools are less expensive to develop than maintaining a vast intelligence network.
quote: The International Group of Experts stated: 'The International Group of Experts could achieve no consensus as to whether the placement of malware that causes no physical damage (as with malware used to monitor activities) constitutes a violation of sovereignty.'
claim: The use of physical hardware, such as malware on a portable hard drive connected to an isolated network, constitutes a clear violation of territoriality and sovereignty, making it akin to traditional forms of espionage.
bureado/awesome-software-supply-chain-security - GitHub github.com GitHub 1 fact
reference: eliasgranderubio/dagda is a tool that performs static analysis of Docker images and containers to detect vulnerabilities, trojans, viruses, malware, and other malicious threats, while also monitoring the Docker daemon and running containers for anomalous activities.
State of the Software Supply Chain Report | 10 Year Look - Sonatype sonatype.com Sonatype 1 fact
account: In 2017 and 2018, attackers began intentionally injecting malicious code into popular open source libraries, specifically targeting projects with high adoption rates to spread malware to downstream systems.