IT security firm Check Point Software has released its report on malware trends for December. This month’s coverage highlights the rise of FunkSec, a newly observed ransomware-as-a-service (RaaS) actor that leverages artificial intelligence.
FunkSec: A new force in ransomware
FunkSec has emerged at the forefront of groups that practice double extortion ransomware. In December 2024 alone, FunkSec publicly listed 85 alleged victims and surpassed many rivals in reported volume. However, Check Point Research (CPR) has flagged a number of these claims as recycled or unverified, calling into question the group’s credibility.
Linked to Algeria, FunkSec appears motivated by both financial gain and hacktivist ideology. Their adoption of AI-based methods highlights the growing use of sophisticated technologies by cybercriminals.
FakeUpdates: Globally prevalent malware
FakeUpdates reclaimed the top position globally among the most common malware families, affecting 5 percent of organizations worldwide. In Sweden, FakeUpdates was the most prevalent threat at 5.82 percent of organizations, followed by Androxgh0st (4.57 percent) and NJRat (1.11 percent).
Also known as SocGholish, FakeUpdates functions as a flexible downloader that delivers additional malicious payloads. Androxgh0st remains an active botnet that continues targeting sensitive information.
Security experts warn
- The latest cybercrime trends underscore the need for vigilance and innovation in cybersecurity, says Fredrik Sandström, security expert at Check Point Software. As AI-driven threats grow more prominent, organizations must adopt advanced defensive measures to protect themselves against an evolving landscape of increasingly sophisticated attacks.