Credential Theft Becomes Cybercriminals’ Favorite Target


A recent analysis of over a million malware samples gathered in 2024 has revealed that a staggering 25% of them are designed to target user credentials.

This marks a significant increase from the previous year. The theft of credentials from password stores now ranks among the top 10 techniques identified in the MITRE ATT&CK framework, and those top 10 techniques comprised 93% of all malicious cyber activities in 2024.

In a comprehensive report titled “The Red Report 2025,” researchers at Picus Security observed a shift towards intricate, multi-stage attacks that demand advanced malware capabilities to succeed. In what the researchers refer to as “SneakThief,” threat actors are focusing on enhancing the stealth, persistence, and automation of information-stealing malware.

The researchers suggest that cybercriminals are honing their tactics to execute “the perfect heist,” with many malware samples now equipped with a multitude of malicious actions to bypass defenses, extract data, and more.

Furthermore, the study found no evidence of AI-driven malware being used by cybercriminals. The average malware sample was capable of executing 14 malicious actions, and exfiltration and stealth techniques accounted for 11.3 million of the cybercrime incidents in 2024.

“Prioritizing the Top 10 MITRE ATT&CK techniques is crucial in disrupting the kill chain of sophisticated malware strains at the earliest stage,” remarked Volkan Ertürk, CTO and co-founder of Picus. “By focusing on these techniques, enterprise security teams can thwart 90% of malware threats.”