The list of the top malware for 2021 has been released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC).
Both the CISA and the ACSC have publicly unveiled the list of malware that caused the most malware-related damage to devices and systems in 2021.
The gathering of data for this list of the most widespread detected malware strains last year was a joint effort by both governing agencies.
Most of the malware strains on the list might be familiar since some of these strains have been existing for a decade or have existed for the last five years on the internet.
Top Malware 2021
Malware strains have become rampant in the past few years. The trend of attacks has proven the existence of malicious activities on the internet across different parts of the globe.
Malware, which is short for "malicious software," compromises one's device by illegally running an unauthorized function. This cyberattack from malware has affected numerous targeted victims and has caused inconvenience and, in some cases, caused money loss or the loss of it.
Malware can take many forms, such as trojans, viruses, worms, ransomware, spyware, and rootkits, to name a few. Ransomware, banking Trojans, remote access Trojans (RATs), and information stealers were the top four types of malware in 2021.
According to ACSC, the top two malware strains that dominated 2021 were Agent Tesla and AZORult.
Agent Tesla
Agent Tesla is a malware that has been active since 2014 as a remote access Trojan that is most of the time included in campaigns of phishing emails.
This malware can steal data from file transfer protocol (FTP) servers, web browsers, and emails. This malicious software is also capable of capturing screenshots, videos, and data from the Windows clipboard.
Agent Tesla is readily available for purchase as a legitimate tool for managing someone's personal computer. Its developers are constantly adding new features, such as obfuscation capabilities and the ability to target additional applications for credential theft.
AZORult
The second malware strain for 2021 is AZORult, a trojan malware that has been detected since 2016.
AZORult is a tool that is used to steal information from computers that have been compromised. It has been offered for sale on underground hacker sites, where it has been used to steal data from browsers, user credentials, and cryptocurrency credentials.
The creators of AZORult are continuously adding new features and improving existing ones. Malicious websites, phishing campaigns, exploit kits, or dropper malware that downloads and installs AZORult are all possible distribution methods of this malware strain.
Other Top Malware in 2021
Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot, and GootLoader are among the top malware in 2021, following Agent Tesla and AZORult.
According to BleepingComputer, Ursnif and Qakbot are malware strains that have been used for over a decade now. While malwares like TrickBot, NanoCore, Formbook, Agent Tesla, LokiBot, AZORult, and Remcos are malwares that have been used in attacks for the past five years,
The longevity of many malware families can be attributed to the persistent attempts of their developers to improve them by incorporating new features and techniques that allow them to avoid detection.
Mitigations for Malware Attacks
The CISA and the ACSC recommend organizations tailor their cybersecurity measures and efforts to the scope, importance, and recommended tactics, techniques, and procedures to avoid malicious attacks that can potentially harm systems or individuals.
According to ACSC and CISA, they are urging "critical infrastructure organizations to prepare for and mitigate potential cyber threats immediately by (1) updating software; (2) enforcing MFA; (3) securing and monitoring RDP and other potentially risky services; (4) making offline backups of your data; and (5) providing end-user awareness and training."