Cofense Research: The Risk of Group-Delivered Malware
November 2024 by Cofense
Cofense Intelligence released research highlighting the risks associated with group-delivered malware and some of the top combinations of malware seen from October 2022 to October 2024.
Key findings:
• Threat actors typically use one or more delivery mechanisms to deploy a single malware sample, as this is often sufficient to compromise a computer and potentially its network.
• In rare cases, threat actors may deploy multiple malware types, such as a RAT and a keylogger, to maximize their impact and avoid detection.
• Less frequently, threat actors may act as Initial Access Brokers (IABs), selling access to infected systems to other threat actors. These secondary actors may deploy additional malware, such as keyloggers or information stealers, to further exploit the compromised environment and deliver ransomware.