Summary: In 2024, researchers examined over a million malware samples, discovering that 25% specifically target user credentials, a threefold increase from the previous year. This has made credential theft one of the top techniques in the MITRE ATT&CK framework, further highlighting the evolving nature of malware. The report emphasizes that new malware, dubbed “SneakThief,” is designed for stealth and automation to facilitate complex cyberattacks.

Affected: Organizations relying on user credentials and password stores

Keypoints :

• 25% of malware samples in 2024 target user credentials, up from 8% in 2023.
• SneakThief malware is focused on stealth, persistence, and automation to execute sophisticated attacks.
• Enterprise security can potentially mitigate 90% of malware threats by concentrating on the top 10 MITRE ATT&CK techniques.