Summary of malware activity: April - June 2023

Malware activity has fluctuated throughout 2023. It’s tempting to speculate that malware attackers take breaks after holiday and tax seasons, but we’ll need to observe several more years of activity before we make that claim. And the attackers will likely change before we can. For now, we saw less malware activity than we saw in the prior quarter.

Endpoint malware

Endpoint malware reporting has been anything but consistent quarter over quarter in 2023. We observed an upward trend from the first quarter to the second, then a drop in quarter three (see Quarter over Quarter Key Statistics).

In Q3, we processed more reports of malicious executables than any other endpoint malware.

Information stealers, such as banking trojans, remain a threat.

The U.S. and China are malware hosting havens

One-half of the 881,464 addresses reported were geolocated in the U.S. and China.

  • China and the U.S. had the most reports of attackware

  • China and India had the most reports of traffic injectors

  • The U.S. and India had the most reports of PHP forum spammers

  • The U.S. had the most reports of HTTP spammers and web bots

ASN4134, Chinanet Access, had the most IPv4 addresses reported for hosting malware overall, and the most traffic injectors and attackware as well (ASN activity).

IoT Malware

Mozi remains the most frequently reported IoT malware. More Mirai activity was reported in Q3 than any prior quarter.

The gTLD share of domain names reported for malware increased by 3% (TLD activity).