Skip to main content

Five Ways the Malware Landscape Might Change in 2022

By February 24, 2022No Comments

The year 2021 has been a trying for most of us. While the world is dealing with the challenges caused by the pandemic, cybercriminals were working double time and taking advantage of the opportunity to exploit scattered work. Ransomware attacks, social engineering, and insider threats have increased dramatically in the past year. Moreover, there was also an increase in prominent organizations suffering from data breaches.


As we start the new year, let us look ahead and prepare ourselves for what lies ahead. Here are the trends, risks, and developments about malware to look out for in 2022.


Social Engineering Takes Off

If the pandemic taught us anything, it’s how quickly misinformation can spread on social media sites like Facebook. Even now, cybercriminals are taking full advantage of the false facts around the web. We’ve already seen some very nefarious criminal actors use the epidemic to propagate malware and perpetrate fraud which is a trend that is very likely to continue far into the New Year. 

Misinformation isn’t the only problem. Few people are expected to click on malicious links sent by social media spambots. However, criminals are devoting more time and resources to creating false profiles. Even though these well-researched and well-executed attacks are done to acquire access to more profitable targets such as businesses, individual users are still at risk. 


More Mobile Malware

In 2020, almost 40% of the world’s mobile devices were discovered to be hackable. Moreover, 97% of organizations will encounter mobile device threats using various attacks channels. On the other hand, at least one employee downloaded a harmful smartphone app in 46% of organizations. 

Nothing appears to have changed in this regard. Potential returns for criminals targeting mobile devices continue to grow along with the increase in the use of mobile wallets and mobile payment platforms. The fact is that smartphones aren’t as private as we’d like to believe. Companies like the NSO Group provide spyware that can be used to track your every move. Therefore, we need to be on the lookout for more than ransomware and viruses in 2022.


The “Pinpoint Shotgun” Approach

Cybercriminals aim to infect as many targets as possible with malicious software using the ‘fire and forget’ strategy. This strategy is the source of the most common malware and ransomware infections. This shotgun method will most likely continue to be used in 2022. According to The Register, this method will continue to be random though it will become targeted as well. In addition, security risks such as Gootloader which exploits search engine optimization to promote malicious websites to the top of search engine results pages may become more prevalent, targeting an entire demographic instead of just a single business or victim. 


A New Ecosystem for Ransomware

Not all the news is negative. Several large ransomware-as-a-service distributors have been brought down over the last few years. The most recent one being, BlackMatter, as the organization revealed plans to shut down in response to government pressure – although this happened on the tail end of security researchers costing the criminals millions because of a weakness in the ransomware’s code. 

The loss of larger distributors is altering the power balance within the ransomware industry. In addition, smaller self-contained criminal groups are breaking away from larger RaaS platforms. While this event may lead to some terrifying new developments in the field. It can also give security experts some respite as there is a possibility that we’ll see a rush of novice ransomware writers in place of the more complex attacks we’ve seen previously. 


Boot Kits Make their Return

Perhaps most notably (and troublingly), 2022 could become the year of the boot kit. For those who are unaware, a boot kit is a sort of malware that hides deeps within an infected operating system and seeks to launch as early as possible during the boot process. Moreover, it can destroy core drivers and manipulate system files without being detected by the antivirus software. It also gives cybercriminals considerable access to the infected device. However, this form of attack has never been widespread due to its complexity and the potential to fully brick an infected system. According to SecureList, the availability of Secure Boot will force criminals to use boot kits once more. 


Security Starts with the Right Software

Knowledge and mindfulness can only go so far when it comes to guarding against ransomware. You’ll also require the appropriate antivirus software. A system that not only protects your smartphone and computer but also keeps an eye on your entire network.


Source: Five ways the malware landscape might change in 2022 – and how you can protect yourself | Tom’s Guide (