5 Most Common Malware Techniques in 2024

Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a reliable way to identify specific cyber threats. Here are some of the most commonly used techniques, according to ANY.RUN's Q3 2024 report on malware trends, complete with real-world examples.

1. Disabling of Windows Event Logging (T1562.002), e.g. XWorm Disables Remote Access Service Logs
2. PowerShell Exploitation (T1059.001), e.g. BlankGrabber Uses PowerShell to Disable Detection
3. Abuse of Windows Command Shell (T1059.003), e.g. Lumma Employs CMD in Payload Execution
4. Modification of Registry Run Keys (T1547.001), e.g. Remcos Gains Persistence via RUN Key
5. Time Based Evasion (T1497.003), e.g. DCRAT Delays Execution During Attack

See more: https://thehackernews.com/2024/11/5-most-common-malware-techniques-in-2024.html

#cybersecurity #malware