Sunday, March 2, 2025
Follow us On Linkedin
HomeCyber Security NewsAlert! 333% Surge in Hunter-Killer Malware that Bypasses Network Security Controls

Alert! 333% Surge in Hunter-Killer Malware that Bypasses Network Security Controls

Cyber Security NewsMalware

Published on

By Tushar Subhra
Alert! 333% Surge in Hunter-Killer Malware that Bypasses Network Security Controls

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Hunter-Killer is a sophisticated type of malware primarily designed to actively seek out and neutralize other malware present on a system. 

It operates by identifying and removing competing threats that potentially pose a serious risk to the security and privacy of affected systems.

Cybersecurity researchers at Picus Security recently discovered a 333% surge in Hunter-Killer malware that neutralizes network security controls.

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks.

Hunter-Killer Malware

Constantly evolving adversary tactics demand endless attention from security experts. Prioritizing threats amidst the multitude poses tough challenges, and covering every risk is virtually impossible.

That’s why Picus Security actively promotes security awareness by guiding defensive efforts strategically.

Analyzing more than 600,000 malware samples, it has unveiled the top ten attack techniques with mitigation suggestions.

In the fourth-year report, the Picus Labs team studies malware behavior, mapping actions to the MITRE ATT&CK Framework from the aggregated samples.

The Picus Red Report Research Summary (Source - Picus)
The Picus Red Report Research Summary (Source – Picus)

Red Report uncovered a rise in ‘Hunter-killer’ malware, which mirrors the silent submarines. Evasive and adept at neutralizing controls, it marks a significant trend in this year’s top ATT&CK techniques.

Malware targeting the defenses has surged significantly by 333% from 2022 to 2023. Besides this, 70% now use stealth tactics, making detection tougher for defenders or security researchers.

Moreover, T1027 Obfuscated Files or Info rose by 150%, showcasing adversaries’ effectiveness in hiding malicious activities and preventing digital forensics and incident response.

The T1071 App Layer Protocol surged 176%, aiding data theft and employed by ransomware groups in advanced double extortion tactics.

Recommendations

Here below, we have mentioned all the recommendations provided by the security analysts:-

  • Leverage Behavioral Analysis and Machine Learning for Detection
  • Enhance Defenses Against Evasion and Defense Impairment
  • Prioritize Credential Protection and Lateral Movement Mitigation
  • Integrate Prioritized Threat Intelligence and Counter-Espionage
  • Enhance Cyber Resilience through Asset Visibility and Attack Surface Reduction
  • Embrace Security Validation to Assure Defense Effectiveness
  • Update and Practice Ransomware Response and Recovery Procedures

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Cyber Security News

Network Penetration Testing Checklist – 2025

Network penetration testing is a cybersecurity practice that simulates cyberattacks on an organization's network...
Cyber Security News

Hackers can Crack Into Car Cameras Within Minutes Exploiting Vulnerabilities

At the upcoming Black Hat Asia 2025 conference, cybersecurity experts will unveil a groundbreaking...
cyber security

Chinese Hackers Breach Belgium State Security Service as Investigation Continues

Belgium’s State Security Service (VSSE) has suffered what is being described as its most...
cyber security

Hacktivist Groups Emerge With Powerful Tools for Large-Scale Cyber Operations

Hacktivism, once synonymous with symbolic website defacements and distributed denial-of-service (DDoS) attacks, has evolved...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

Cyber Security News

Network Penetration Testing Checklist – 2025

Network penetration testing is a cybersecurity practice that simulates cyberattacks on an organization's network...
Cyber Security News

Hackers can Crack Into Car Cameras Within Minutes Exploiting Vulnerabilities

At the upcoming Black Hat Asia 2025 conference, cybersecurity experts will unveil a groundbreaking...
cyber security

Chinese Hackers Breach Belgium State Security Service as Investigation Continues

Belgium’s State Security Service (VSSE) has suffered what is being described as its most...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved