
Growing malware families in MENA demand increased threat intelligence, says expert

The ANY.RUN report identifies the most prevalent malware types and families in the region during this period

ANY.RUN has released statistics regarding malware activity in the MENA region. The report is based on analysis of public client submissions from the company’s community of over 300,000 researchers.

The report identifies the most prevalent malware types and families in the region during this period, providing valuable data for cybersecurity professionals to address regional threats effectively.

Out of all submissions, 14,410 were marked as malicious, 2,303 as suspicious, and 31,893 as no threat. The report identifies the top malware families by uploads in the MENA region as RedLine, Remcos, NjRAT, Emotet, and AsyncRAT.

The prevalence of these malware families suggests that attackers in the region favor versatile and stealthy infection techniques with the aim of gaining remote control and exfiltrating sensitive data.

Additionally, the report identifies the most common malware types found in the region as Remote Access Trojan (RAT), Loader, Installer, Ransomware, and Stealer. 509 submissions were marked as trojans.

These prevalent malware types suggest a higher likelihood of unauthorised access and data exfiltration for organisations in the region.

The report also identifies less common malware types and families in the region, such as miners, Snake, LokiBot, and Amadey. It’s important to note that the statistics may not fully capture the risks posed by highly targeted ransomware attacks, which have become increasingly prominent in recent years.

“Understanding the unique malware landscape in the MENA region is essential for cybersecurity professionals,” says Stanislav Gaivoronskii, a malware analyst at ANY.RUN.

“Our report offers insights into the most prevalent threats, empowering regional cybersecurity experts to adapt their defense strategies to tackle these specific challenges. By arming organisations with the intel needed to prioritise the most likely attack vectors, we’re hoping to not only boost their cybersecurity posture but also enhance the overall security ecosystem in the region.”

Given the evolving nature of cyber threats, ANY.RUN emphasises the importance of continuous threat intelligence. The company encourages businesses in the MENA region to evaluate their security measures regularly. Although the report provides valuable insights, it is crucial for organisations to remain vigilant and adjust to new cybersecurity trends to keep pace with the constantly changing threat landscape.