"Malware That Can Do Anything and Everything Is on the Rise"

"Swiss Army Knife" malware is multi-purpose malware that can execute malicious actions throughout the cyber kill chain while evading security controls. According to Picus Security's analysis of over 550,000 real-world malware samples obtained from commercial and open-source threat intelligence services, security vendors, researchers, malware sandboxes, and databases, this form of malware is on the rise. By observing the samples' behavior, the company extracted more than 5 million malicious actions and used this information to determine the ten most common ATT&CK techniques used by malicious actors in 2022. These techniques include the use of command and scripting interpreters to run arbitrary code, dumping credentials from the compromised system's operating system and utilities, the injection of malicious code into legitimate processes, and more. On average, a malware sample uses eleven different tactics, techniques, and procedures (TTPs). Thirty-two percent of malware uses over 20 TTPs, and one-tenth leverages more than 30 TTPs. This article continues to discuss findings from Picus Security's analysis of over 550,000 real-world malware samples.

Help Net Security reports "Malware That Can Do Anything and Everything Is on the Rise"

Submitted by Anonymous on