Analysis of 1.1 Million Malware Samples Reveals the Rise of the "Digital Parasite"

The Picus Labs research team analyzed 1.1 million malware samples and mapped 15.5 million malicious actions using the MITRE ATT&CK framework, identifying a trend called the "Digital Parasite": attacks that prioritize silent persistence, stealthy execution, and credential theft (present in nearly 1 out of 4 attacks). The results show a 38% decrease in encryption techniques (T1486) in favor of long-term data extortion, while 80% of the top 10 techniques now aim for evasion and persistence, with Process Injection leading for the third consecutive year. Modern malware, such as LummaC2, uses advanced methods like calculating the Euclidean distance of mouse movements to bypass sandboxes. The team will answer questions on February 19, 2026.