Germany's Federal Office for Information Security (BSI) has released its annual threat report.
Speaking in Berlin alongside Federal Interior Minister Horst Seehofer, BSI President Arne Schönbohm said his agency had detected 144 million new malware variants between June 2020 to the end of May 2021 — up 22% for the year.
BSI, which is part of the Interior Ministry, said that in February of this year it detected 553,000 malware variants in a single day which was a new record. Its report noted that it had raised the general threat level posed by malicious computer attacks from "tense" last year to "tense-to-critical."
BSI President Schönbohm said some parts of the digital realm had experienced threat level "red." The reason, he said, was the increasing professionalism of cybercriminals combined with the networked composition of society and the ever-expanding possibilities presented to criminals in terms of software security vulnerabilities.
A never-before-documented malware strain dubbed MosaicLoader has been added to the list of detected malware variants and it is spreading worldwide. Cyber Magazine covered the story back in July 2021.
According to Bitdefender researchers who discovered the malware, the loader is spreading worldwide through paid ads in search results, targeting people looking for pirated software and games. It masquerades as a cracked software installer, but in reality, it’s a downloader that can deliver any payload to an infected system.
It can be used to download a variety of threats onto compromised machines, including Glupteba, a type of malware that creates a backdoor onto infected systems, which can then be used to steal sensitive information, including usernames and passwords, as well as financial information.
Bitdefender named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering.
"Most likely, attackers are purchasing adverts with downstream ad networks – small ad networks that funnel ad traffic to larger and larger providers. They usually do this over the weekend when manual ad vetting is impacted by the limited staff on call," Bogden Botezatu, director of threat research and reporting at Bitdefender, told ZDNet.
It is suggested that it's possible that the malware would be detected by antivirus software, but many users downloading illegally cracked software have likely turned their protections off in order to access and install the download.