Malware Landscape 2023

For the 2023 Malware Landscape study, we captured over 7 million malware reports from four widely respected threat intelligence sources: Malware Patrol, MalwareURL, Spamhaus, and URLhaus. Analyzing these reports yielded important insights into what malware was most prevalent, where malware was served from or distributed, and what resources criminals used to pursue their attacks. Here, we present study highlights.

The use of domain names in malware URLs grew sharply. Interisle found a 121% increase in the use of domain names in 4Q 2022.

Information stealing and ransomware were the dominant malware threats in 2022.

Malware activity increased in 2022, continuing the trend from the previous year.

Gafgyt targets Linux devices. Infected devices are often used in large-scale DDoS attacks.

The Emotet banking Trojan primarily functions as a loader of other banking Trojans.