German cybersecurity office BSI issues threat warning

The BSI says threat levels in the country have reached red alarm levels as society becomes more digitally connected and criminals more sophisticated.

Germany's Federal Office for Information Security (BSI) has released its annual threat report.

Speaking in Berlin alongside Federal Interior Minister Horst Seehofer, BSI President Arne Schönbohm said his agency had detected 144 million new malware variants between June 2020 and the end of May 2021, up 22% for the year.

BSI, which is part of the Interior Ministry, said that in February of this year it detected 553,000 malware variants in a single day, a new record. Its report noted that it had raised the general threat level posed by malicious computer attacks from "tense" last year to "tense-to-critical."

BSI President Schönbohm said some parts of the digital realm had experienced threat level "red." The reason, he said, was the increasing professionalism of cybercriminals combined with the networked composition of society and the ever-expanding possibilities presented to criminals in terms of software security vulnerabilities.

MosaicLoader malware 

A never-before-documented malware strain dubbed MosaicLoader has been added to the list of detected malware variants and it is spreading worldwide. Cyber Magazine covered the story back in July 2021. 

According to Bitdefender researchers who discovered the malware, the loader is spreading worldwide through paid ads in search results, targeting people looking for pirated software and games. It masquerades as a cracked software installer, but in reality, it’s a downloader that can deliver any payload to an infected system.

It can be used to download a variety of threats onto compromised machines, including Glupteba, a type of malware that creates a backdoor onto infected systems, which can then be used to steal sensitive information, including usernames and passwords, as well as financial information. 

Bitdefender named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering.

"Most likely, attackers are purchasing adverts with downstream ad networks – small ad networks that funnel ad traffic to larger and larger providers. They usually do this over the weekend when manual ad vetting is impacted by the limited staff on call," Bogdan Botezatu, director of threat research and reporting at Bitdefender, told ZDNet.

The malware could be detected by antivirus software, it is suggested, but many users downloading illegally cracked software have likely turned their protections off in order to access and install the download.


