Web threats increase by over 130% at the end of 2021
Web threats affect everyone and every device that is connected to the internet. Web threats enter users' networks without their awareness and can be activated by opening a spam email or clicking on an executable file attachment. Once they have compromised a system, web threats can travel through the network to infect other PCs.
According to the data presented by the Atlas VPN team, web threats have increased by 133% in November and December of 2021, compared to September and October. In addition, JavaScript downloaders and crypto miners were the most active web threats at the end of 2021.
The data is based on Palo Alto Networks Unit 42 research, Trends in Web Threats: Attackers Were More Active During Holiday Season. The report observed and analyzed web threats trends from October to December 2021.
Web threats reached 59,478 unique malicious URLs in September 2021, which resulted in 319,497 total threats. In October, the number kept slightly increasing to 60,440 unique malicious URLs, accumulating 361,184 hits. However, the threats significantly jumped up in the following months at the end of 2021.
November and December months combined accumulated 133% more web threats than September and October. The 84,470 unique malicious URLs in November turned into 833,924 total web threats. Even more, unique malicious URLs were seen in December at 93,999, which aggregated 749,956 threats.
Black Friday and Christmas sales in November and December influenced the rapid increase in web threats. Cybercriminals are particularly active during these seasons as they target e-commerce websites to steal customer personal information. By placing crypto miners or web skimmers, attackers can turn victims' devices to profit generators.
Most popular web threats
Cybercriminals can employ different types of web threats to target people's devices. Some can directly generate revenue, while others can steal sensitive information or open doors for cybercriminals to infiltrate malicious files on the victims' computers.
JavaScript (JS) downloaders were observed to have 61,283 unique malicious URLs, which accumulated 726,372 total threats from September to December 2021. JS downloaders are JavaScript code snippets that remotely download malicious code files from websites to enable other harmful behaviors.
From the total of 628,725 crypto miner threats, 59,550 were unique malicious URLs. Web miners that operate in internet browsers demand substantial CPU resources, causing computer use to be exceedingly slow. Cryptocurrency anonymity is highly advantageous for threat actors since it allows them to profit off their targets without being identified.
Next up, 328,310 web threats were collected from 26,614 unique URLs with web skimmers. Web skimming is an attack in which the attacker injects malicious code into a webpage and extracts data from an HTML form filled out by the user. This data is then sent to a server controlled by the attacker.
JavaScript redirectors amassed 115,497 web threats, of which 4,097 were unique malicious URLs. Finally, web scams accumulated 86,999 total threats, of which 15,130 were unique malicious URLs.
The landscape of web threats has changed dramatically in recent years. Smart devices and high-speed mobile networks have enabled an always-connected route of malware, fraud, and other compromises. The top concern that continues to pose new risks to security and privacy is the lack of caution when using the web.