Malware-as-a-Service (MaaS) now accounts for over half of cyber threats targeting organizations. These threats have become more prevalent as cybercriminals increasingly outsource their operations.
According to a research from Darktrace, the use of MaaS tools picked up steam in the latter half of 2024, making up 57% of identified fraud activities. One of the most commonly used malware tools is Remote Access Trojan (RAT) software, which allows cybercriminals to take control an infected device remotely. Once inside, they can steal data, harvest credentials, or monitor a user’s activities.
MaaS is a subset of the broader Cybercrime-as-a-Service (CaaS) model, where criminals offer illicit software services to individuals or groups for financial gain. These services—sold through CaaS platforms—can include ransomware attacks, data breaches, and Distributed Denial of Service attacks that can cripple an organization’s website for days or even weeks.
Phishing for Entry
The most common entry method for CaaS attacks remains phishing. Darktrace’s survey uncovered over 30 million phishing emails in the past year alone. Of these attempts, 38% were highly customized spear phishing attacks targeting high net-worth individuals.
However, spear phishing can also be directed at specific customer bases, as seen in the attacks on CrowdStrike’s customers following the global outage caused by the company’s software update last year.
Impersonating Services
As with the attacks targeting CrowdStrike’s customers, Darktrace observed that many phishing communications impersonated third-party services that organizations frequently rely on. The report identified phishing emails that appeared to be from Microsoft SharePoint, Adobe, and QuickBooks, among others.
Cybercriminals have also increasingly impersonated major merchants to scam consumers. Separate data from the Federal Trade Commission revealed that Best Buy, Amazon, and PayPal were among the most frequently impersonated retailers.
The advent of new technologies like artificial intelligence has made these scams more effective. According to Darktrace, 32% of phishing attempts now employ novel social engineering techniques designed to manipulate recipients. Many of these messages feature AI-generated text that is both complex and compelling.
As CaaS platforms provide advanced tools to even tech-challenged threat actors, organizations face growing risks in an evolving fraud landscape filled with emerging threats.
