Over Half of Malware Downloads Originate from SaaS Apps

As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024.

I’ve provided plenty of examples on this blog of threat actors using cloud-based SaaS applications to host impersonated websites and malicious downloads. The credibility of such sites aids the cybercriminal, as traffic to and from reputable sites has a tendency to get past security solutions.

So, what happens when organizations increasingly rely on SaaS applications? According to Netskope’s Cloud and Threat Report 2024, cybercriminals take advantage of this trend to increase their chances of a successful attack.

SaaS app usage is increasing. According to the report, two years ago, a user generated an average of around 1,000 activities per month on SaaS apps. Today, half of all enterprise users generate between 600 and 5,000 activities per month.


Source: Netskope

The top SaaS apps are OneDrive, Google Drive, SharePoint, Google Cloud Storage and Amazon S3. What makes these of interest is that security solutions see these apps being used and will tend to downplay the risk in any download traffic from these and other popular SaaS apps.

And over the last year, the percentage of malware downloads that originated from within SaaS apps has steadily remained above 50%. Analysts at Netskope expect this trend to continue throughout 2024 and expect it to push closer toward 60%.


Source: Netskope

Put this together, and you quickly realize two things: First, security solutions need to be laser-focused on anything that comes from even a legitimate SaaS app, since the trend seems to be growing. And second, users need to be vigilant with their interactions – even if a link points to a legitimate SaaS app – something taught with new-school security awareness training.
