2024 Malicious Infrastructure Insights: Key Trends and Threats

SUMMARY :

The report highlights significant trends in malicious infrastructure for 2024, including the rise of malware-as-a-service infostealers, continued dominance of Cobalt Strike among offensive security tools, and increased use of legitimate services by threat actors. Key findings include LummaC2's dominance in command-and-control servers, AsyncRAT and Quasar RAT remaining top remote access tools, and Android being the primary target for mobile malware. The US and China were the top malicious hosting locations, while traffic distribution systems enhanced cybercrime efficiency. Chinese state-sponsored groups expanded their use of relay networks, and Russian groups increasingly relied on legitimate services to evade detection. The report suggests defenders should prioritize top malware and infrastructure techniques, enhance network monitoring, and balance blocking high-risk services based on criticality and risk level.

OPENCTI LABELS :

cobalt strike,dcrat,plugx,cybercrime,asyncrat,mobile malware,brute ratel c4,latrodectus,botnets,infostealers,lummac2,quasarrat,malicious infrastructure,hook,gobrat,remote access trojans,traffic distribution systems,state-sponsored groups,command-and-control servers,mozi botnet,solarmarker rat,offensive security tools


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


2024 Malicious Infrastructure Insights: Key Trends and Threats