Commodity malware campaigns utilizing machine identities are increasing rapidly, according to threat analysis from Venafi. For example, malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.
Researchers gathered data on the misuse of machine identities by analyzing security incidents and third-party reports in the public domain.
Overall, malware attacks utilizing machine identities grew eightfold over the last 10 years and increased more rapidly in the second half of the decade. These findings are part of an ongoing threat research program focused on mapping the security risks connected with unprotected machine identities.