2021 COVID bounce: Malware has returned with a vengeance

At a particularly perilous moment for privacy and security, Malwarebytes’ research uncovered a COVID bounce, a massive 2021 resurgence of cyberthreats across multiple categories following pandemic-induced declines in 2020.

COVID bounce cyberthreats

There was a 77% increase in malware detections over 2020. Business-focused cyberthreats jumped 143%, while consumer-specific threats rose by 65% to more than 152 million in 2021. This increase represents more than a return to business as usual, with detection numbers far exceeding pre-pandemic figures.

“2021 was a challenging year for both cybersecurity and user privacy, which points to alarming trends,” said Marcin Kleczynski, CEO of Malwarebytes. “With workforces still dispersed, cybercriminals capitalized on both new and latent vulnerabilities, burrowing deeply into critical infrastructure and infecting supply chains, driving increased threat volume, and homing in on targets with maximum potential for disruption. In this climate, ensuring every person and organization is thoroughly fortified against attacks through a simplified patching process and layered security is more critical than ever.”

Surge in surveillance

In the wake of 2020’s lockdowns and stay-at-home orders, stalkerware surged, with spyware detections increasing 1,600% in the first six months of that year. 2020 was the worst year for stalkerware to that point, but 2021 would prove to be even worse. Android monitoring apps were detected 54,677 times and spyware apps 1,106 times, notable figures for this targeted form of abuse, especially due to Android’s history of adware issues.

There are also growing stalking concerns with Apple devices. In 2021, Pegasus spyware infected iPhones used by journalists and government officials, enabling surveillance of their locations and data.

Average users also began struggling with the pros and cons of Apple-developed location trackers – AirTags – that enabled potential victims to be silently monitored by perpetrators. Despite several software updates enabling AirTags to reveal themselves after periods of quiet use, millions of people still face the prospect of being monitored without consent.

Additional key findings

  • In addition to the “COVID bounce” in both consumer and business-oriented malware, there was a 56% year-on-year growth in malware sent via email.
  • Mac detections also increased more than 200% YoY, climbing to 164 million, as unwanted app installs from aggressive and/or misleading marketing continued to grow.
  • Although ransomware detections decreased in number – falling 38% from 2020 – ransomware gangs became more targeted, leading to more severe attacks on critical infrastructure and supply chains. The impact of ransomware is predicted to grow in 2022, as continued hybrid work perpetuates ongoing vulnerabilities.
  • The large mountain of technical debt in widely used apps and code became due, as latent vulnerabilities were exploited in the software billions of people rely upon daily. The IT world asked, “why is patching so hard?” as zero-day attack chains in Microsoft Exchange Server, 18 zero-day vulnerabilities in Google’s Chrome browser, and a Log4j vulnerability with a CVSS score of 10 out of 10 were discovered.
