Skip to main content

Malware surges as cyber crooks take advantage of global pandemic, report finds

malware
(Image credit: Shutterstock)

Perhaps it's time to make sure you have one of the best antivirus programs installed. According to a new report from, Malwarebytes there’s been a dramatic increase in malware attacks preying on the “confusion, fear and uncertainty” surrounding coronavirus.

The company's "Cybercrime tactics and techniques" paper has recorded “dramatic increases”  in malware such as NetWiredRC, AveMaria and Danabot from cyber criminals looking to gain from the pandemic, a Malwarebytes blog post says. 

Cybercriminals are delivering years-old malware with brand new campaigns that exploit the coronavirus crisis, Malwarebytes says. The study found that backdoor malware NetWiredRC, which had been inactive for around five months in 2019, increased its activity by 200% in March 2020 compared to December 2019. 

Between February and March, the detection rate of remote-access Trojan AveMaria increased by almost 110%. Hackers can use remote-access Trojans, or RATs, to gain remote access to desktops and webcams as well as steal passwords.

In the same time period, the DanaBot Trojan and information stealer, which lets  crooks steal online-banking passwords, saw a detection-rate increase of 160%.

Covid-19 has disrupted the cybercrime economy

While phishing attacks that do not involve malware are still the most popular method of attack, Malwarebytes said cybercriminals have gotten creative with fraudulent websites that hide malware.

As the coronavirus lockdown has resulted in an influx of online shoppers, hackers have seized the opportunity. In March, Malwarebytes recorded a 26% increase in credit-card skimming attacks from the previous month.

Adam Kujawa, security evangelist and director of Malwarebytes Labs, told Tom’s Guide: “We believe that Covid-19 disrupted the cybercrime economy as much as it’s disrupted the real-world one. 

“More sophisticated actors, over the last two years, have been more focused on infecting business networks than regular consumers, mainly due to a greater return on investment. 

“However, despite various methods of technological exploitation that are used to infect business networks, the most common (and effective) method of infection was through malicious phishing emails, expecting the users to fall for whatever gimmick the email was using to get them to open a file and infect their own system.”

But Kujawa explained that when many potential victims moved from the office to their homes, getting people to fall for phishing attacks was no longer as reliable as it once was. 

“So rather than work on developing new malware families to go after these working from home employees and potentially gain access to their networks through cloud and VPN services accessed by remote employees," Kujawa said, "many decided to dust off some older and less popular malware families, because a) they were cheap; and b) they did the job.”

  • Read more: Protection without the cost? Discover the best free VPN