Researchers have recently revealed a concerning trend in the world of cybersecurity: a significant increase in malware targeting user credentials. In a study by Picus Security of more than a million pieces of malware collected in 2024, a staggering 25% were specifically designed to steal user credentials. This number represents a threefold increase from the previous year, highlighting the growing threat posed by these types of attacks.
The findings from the study have also shed light on the evolving nature of cyber threats in 2024. In particular, stealing credentials from password stores has now become one of the top 10 techniques listed in the MITRE ATT&CK framework, which account for 93% of all malicious cyber activity. This shift in tactics suggests that cybercriminals are becoming more sophisticated and strategic in their approach to hacking and data theft.
One of the most concerning developments highlighted in the research is the emergence of a new generation of malware known as “SneakThief.” This type of malware is characterized by complex, prolonged, multi-stage attacks that prioritize increased stealth, persistence, and automation. According to the researchers at Picus Security, threat actors behind SneakThief are looking to revolutionize info-stealing malware in order to carry out what they describe as “the perfect heist.”
The researchers further emphasize that cybercriminals are continuously evolving their tactics to evade detection and maximize the impact of their attacks. This includes equipping malware with a wide range of malicious actions, with the average sample capable of completing 14 such actions. In 2024 alone, millions of cybercrime acts were observed, with exfiltration and stealth tactics making up a significant portion of these malicious activities.
Despite the growing sophistication of malware, the researchers did not find any evidence of cybercriminals using AI-driven malware in their attacks. Instead, they suggest that focusing on the top 10 MITRE ATT&CK techniques can be an effective way to disrupt the kill chain of advanced malware strains at an early stage. Volkan Ertürk, CTO and co-founder of Picus, emphasizes that by concentrating on a select number of techniques identified by MITRE, enterprise security teams can mitigate up to 90% of malware threats.
Overall, the findings of the research point to a troubling trend in the cybersecurity landscape, with cybercriminals increasingly targeting user credentials as a means to carry out sophisticated and damaging attacks. As the threat landscape continues to evolve, organizations must remain vigilant and proactive in their approach to cybersecurity to protect against these threats.