Thursday, November 21, 2024

Surge in Unique Malware Sample Volumes Observed

BlackBerry reported that its cybersecurity solutions identified and blocked an average of 11,500 unique malware samples each day during the second quarter of 2024, marking a 53% increase compared to the first quarter. This surge represents one of the steepest quarterly increases ever recorded in the organization’s network telemetry.

The findings, presented in the latest Global Threat Intelligence Report, highlight how underground malware developers are rapidly evolving their code, resulting in more effective, resilient, and difficult-to-analyze malware. The rise in unique malware instances may also be linked to targeted attacks affecting multiple individuals within the same organization.

“As new threat groups emerge and established ones adapt to takedown efforts, they are concentrating on creating novel malware. This shift indicates that these groups are prioritizing the impact of their attacks rather than merely the volume,” stated Ismael Valenzuela, BlackBerry’s Vice President of Threat Research and Intelligence. “Furthermore, even minor modifications to malware may not seem particularly advanced, but they significantly enhance the success and severity of cyberattacks.”

Alongside the increase in malware, BlackBerry also noted an 18% rise in the number of cyberattacks thwarted daily, averaging 43,500 for a total of 3.7 million during the quarter. Critical infrastructure operators were the primary targets, experiencing over 800,000 attacks, with around 400,000 aimed specifically at the financial services industry. This could be attributed to the higher volumes of unique malware, as BlackBerry suggested that attackers might be focusing on distinctive malware types for their assaults on critical national infrastructure (CNI), where the chances of executing a successful, targeted attack are greater.

Additionally, BlackBerry recorded a 21% increase in attacks on commercial enterprises, potentially due to the exponential growth of devices in various sectors, including manufacturing, professional services, and retail.

The “Weaponization of Chaos”

Over recent years, various global crises, ranging from the COVID-19 pandemic to geopolitical conflicts, have offered threat actors numerous advantages, according to BlackBerry, which termed this phenomenon the “weaponization of chaos.” Disruptions to daily life are now seen as prime opportunities for cybercriminals to exploit, and they are becoming increasingly skilled at doing so through phishing campaigns, deceptive social media content, and malicious software.

BlackBerry’s research team predicts that in the near future, threat actors will continue to employ advanced tactics to target their victims. The emergence of new infostealers and malware indicates that private data will remain a valuable and sought-after asset.