Starting in January 2023, Netskope Threat Labs will publish a monthly summary blog post of the top threats we are tracking on the Netskope Security Cloud platform. The purpose of this post is to provide strategic, actionable intelligence on active threats against enterprise users worldwide.
Summary
- Attackers continue to attempt to fly under the radar by using cloud apps to deliver malware, with 54% of all malware downloads in January originating from 142 cloud apps.
- ZIP files are gaining popularity among attackers who use the archive format to try to evade defenses and avoid suspicion. 21% of all malware downloads in January were ZIP files.
- Trojans continue to represent the majority of malware downloads, used to deliver payloads such as the infostealer AgentTesla and the ransomware Vice Society.
Cloud Malware Delivery
Attackers attempt to fly under the radar by delivering malicious content via popular cloud apps. Abusing cloud apps for malware delivery enables attackers to evade security