Kaspersky’s detection systems discovered an average of 467,000 malicious files per day in 2024, marking a 14% increase compared to the previous year. Certain types of threats saw significant growth with experts reporting a33% surge in Trojan detections compared to 2023. These and other findings are described in the Kaspersky Security Bulletin (KSB) – an annual series of reports analysing major developments in the cybersecurity landscape, a company spokesman said.
Windows continued to be the primary target for cyberattacks, accounting for 93% of all malware-filled data detected daily. Malicious families disseminated through various scripts and different MS Office document formats ranked among the top three threats, accounting for 6% of all malicious files detected daily.
Kaspersky’s detection systems discovered a significant increase in Windows malware – 19% from 2023 to 2024. The most widespread type of malware continues to be Trojans – malicious programmes that disguise themselves as legitimate software – with a surge of 33% from 2023 to 2024. There has also been a 2.5-fold (150%) increase in the use of Trojan-droppers – program designed to deliver other malware to a victim’s computer or phone without the victim noticing.
Head of Anti-Malware Research at Kaspersky, Vladimir Kuskov said, “The number of new threats grows every year as adversaries continue to develop new malware, techniques and methods to attack users and organisations. This year was no exception to this, and there were dangerous trends observed, such as attacks ontrusted relationships and supply chains, including those on open-source packages (e.g., theXZ case).
“There were massive phishing and malicious campaigns targeting social media users and a rise in banking malware. And, of course, the use of AI tools to generate new malware or facilitate phishing attacks. In this evolving cyber threat landscape, the use of reliable security solutions is vital. Kaspersky experts are always dedicated to countering new and challenging cyberthreats, ensuring a secure online experience for users as well as robust cybersecurity and the latest threat intelligence for organisations,” he said.
These discoveries are based on Kaspersky detections of malicious files from January to October and are part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world.
To stay protected, follow the recommendations given below:
Individual users
Do not download and install applications from untrusted sources
Do not click on any links from unknown sources or suspicious online advertisements
• Always use two-factor authentication when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help to remember them
Always install updates when they become available;they contain fixes for critical security issues
Ignore messages asking to disable security systems for office or cybersecurity software
Use a robust security solution appropriate to your system type and devices, such as Kaspersky Premium
Organisations
• Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities
• Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them
Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors
Back up the corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed
