The annual cybersecurity analysis focuses on the most prominent attacks and cybercrime tactics across popular operating systems. It also explores how IT teams, especially those with limited resources, can address these threats. Small and medium-sized organizations are challenged by a constant barrage of cyber threats, including ransomware, malware, and phishing attacks. Mark Stockley, Cybersecurity Evangelist at Malwarebytes ThreatDown Labs, highlighted the ongoing battle between cybercriminals and security and IT teams.

The LockBit gang claimed the largest known ransom demand of $80 million after attacking Royal Mail. Ransomware groups have refined their tactics to target a higher volume of victims, and LockBit remained the most widely used ransomware-as-a-service. Malwarebytes ThreatDown Labs identified Amazon, Rufus, Weebly, NotePad++, and Trading View as the top five most impersonated brands. Additionally, Dropbox, Discord, 4sync, Gitlab, and Google emerged as the top five most abused hosts.

The top five most frequently discovered malware included Aurora Stealer, Vidar, Redline Stealer, BatLoader, and IcedID. Criminals have disguised banking trojans as seemingly harmless apps like QR code scanners, fitness trackers, or popular applications like Instagram to intercept banking passwords and steal money directly from accounts. Despite declining PC sales, there is an increased demand for Macs, leading to a rise in attacks using legitimate IT administration tools such as WMI or Powershell. Malwarebytes, with its decades of experience, is trusted by millions of individuals and organizations to combat threats at every stage of the attack lifecycle, securing digital identities and safeguarding data and privacy.

The company’s world-class team of threat researchers and AI-powered engines provide advanced threat intelligence to detect and prevent both known and unknown threats. Headquartered in California, Malwarebytes also has offices in Europe and Asia.