Increase in Stealthy Persistence and Evasion Techniques for Data Extortion
Summary
Threat actors are increasingly favoring stealthy persistence and evasion techniques to silently exfiltrate data for extortion. According to Picus Security's Red Report 2026, attackers are blending in with legitimate traffic and operating through trusted processes to stay hidden from network defenders. Process injection remains the top malicious technique, enabling attackers to hide malicious code inside legitimate applications. Additionally, attackers are routing command-and-control (C2) traffic through high-reputation services like OpenAI and AWS to evade detection. The use of 'data encrypted for impact' has dropped by 38% annually, indicating a shift towards silent data exfiltration. The report also highlights sophisticated evasion techniques, such as those of the LummaC2 infostealer malware, which uses trigonometry to detect sandbox environments and avoid detonation. Virtualization/sandbox evasion is now the fourth most prevalent MITRE ATT&CK technique observed.
Timeline
- 10.02.2026 16:00 · 1 article
Picus Security Reports Increase in Stealthy Persistence and Evasion Techniques
Picus Security's Red Report 2026 reveals that threat actors are increasingly using stealthy persistence and evasion techniques to silently exfiltrate data for extortion. The report highlights the use of process injection, C2 traffic routing through high-reputation services, and sophisticated evasion techniques like those of the LummaC2 infostealer malware. The shift towards silent data exfiltration is evident, with a 38% annual drop in the use of 'data encrypted for impact.' The report also notes the rising complexity of malware, which now carries out an average of 14 malicious actions and 12 ATT&CK techniques per sample.
Sources:
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
Information Snippets
- Picus Security analyzed over 1.1 million malicious files and more than 15.5 million actions in 2025 to compile its latest study.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- Process injection was the top malicious technique for the third consecutive year, used in 30% of attacks.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- Attackers are routing C2 traffic through high-reputation services like OpenAI and AWS to stay hidden.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- In a quarter of attacks, threat actors used passwords stolen from browsers to masquerade as legitimate users.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- The use of 'data encrypted for impact' dropped by 38% annually, according to the report.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- LummaC2 infostealer malware uses trigonometry to detect sandbox environments and avoid detonation.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- Virtualization/sandbox evasion is the fourth most prevalent MITRE ATT&CK technique observed.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00
- Malware now carries out an average of 14 malicious actions and 12 ATT&CK techniques per sample.
First reported: 10.02.2026 16:00 · 1 source, 1 article
- “Digital Parasite” Warning as Attackers Favor Stealth for Extortion — www.infosecurity-magazine.com — 10.02.2026 16:00