German cybersecurity office BSI issues threat warning

The BSI says threat levels in the country have reached red alarm levels as society becomes more digitally connected and criminals more sophisticated.

Germany's Federal Office for Information Security (BSI) has released its annual threat report.

Speaking in Berlin alongside Federal Interior Minister Horst Seehofer, BSI President Arne Schönbohm said his agency had detected 144 million new malware variants between June 2020 to the end of May 2021 — up 22% for the year.

BSI, which is part of the Interior Ministry, said that in February of this year it detected 553,000 malware variants in a single day which was a new record. Its report noted that it had raised the general threat level posed by malicious computer attacks from "tense" last year to "tense-to-critical."

BSI President Schönbohm said some parts of the digital realm had experienced threat level "red." The reason, he said, was the increasing professionalism of cybercriminals combined with the networked composition of society and the ever-expanding possibilities presented to criminals in terms of software security vulnerabilities.

MosaicLoader malware 

A never-before-documented malware strain dubbed MosaicLoader has been added to the list of detected malware variants and it is spreading worldwide. Cyber Magazine covered the story back in July 2021. 

According to Bitdefender researchers who discovered the malware, the loader is spreading worldwide through paid ads in search results, targeting people looking for pirated software and games. It masquerades as a cracked software installer, but in reality, it’s a downloader that can deliver any payload to an infected system.

It can be used to download a variety of threats onto compromised machines, including Glupteba, a type of malware that creates a backdoor onto infected systems, which can then be used to steal sensitive information, including usernames and passwords, as well as financial information. 

Bitdefender named it MosaicLoader because of the intricate internal structure that aims to confuse malware analysts and prevent reverse-engineering.

"Most likely, attackers are purchasing adverts with downstream ad networks – small ad networks that funnel ad traffic to larger and larger providers. They usually do this over the weekend when manual ad vetting is impacted by the limited staff on call," Bogden Botezatu, director of threat research and reporting at Bitdefender, told ZDNet. 

It is suggested that it's possible that the malware would be detected by antivirus software, but many users downloading illegally cracked software have likely turned their protections off in order to access and install the download. 

 

Share

Featured Articles

ICYMI: New Age of the CISO and cybersecurity trends for 2023

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Kingfisher chooses Google Cloud as catalyst for growth

Google Cloud will support Kingfisher's digital ambitions with a range of solutions, from infrastructure to data analytics.

ICYMI: Cyber predictions for 2023 and trouble in paradise

A week is a long time in cybersecurity, so here’s a round-up of the Cyber Magazine articles that have been starting conversations around the world

Osirium shares its cyber predictions for 2023

Cyber Security

ICYMI: Unloved emails and cybersecurity worth $500bn by 2030

Cyber Security

Cyber security market anticipated to reach $500bn by 2030

Cyber Security