Infographic showing 18-minute enterprise breach timeline with icons for Oyster malware exploiting rundll32.exe and scheduled tasks, Gamarue USB attacks, drive-by compromises, and security shields for behavioral monitoring and anomaly detection.

Threat actors are breaching enterprise networks in record time, with average breakout times shrinking to 18 minutes (June-August 2025, per ReliaQuest), including a six-minute Akira ransomware hit via SonicWall VPN. Driven by automation, legitimate tool abuse, and evasion, attacks favor drive-by compromises (34%) and USB-based Gamarue malware, which conceals DLLs and spoofs LNK files on trusted media.


Oyster malware dominates, using AI-powered SEO poisoning and malvertising to target IT admins, distributing trojanized tools like PuTTY from fake sites (e.g., puttysystems[.]com) for privileged access.


Oyster evades detection by exploiting rundll32.exe to load "twain_96.dll" via scheduled tasks mimicking maintenance (e.g., rundll32.exe twain_96.dll,DllRegisterServer), accounting for 48% of "Match Legitimate Name or Location" incidents. Counter with advanced behavioral monitoring and anomaly detection.
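A sketch of the behavioral check described above, added here as an example (not code from ReliaQuest or any vendor): it flags rundll32.exe launches that come from the Task Scheduler and load a DLL from outside the Windows system directories or call DllRegisterServer. The event field names follow Sysmon Event ID 1, the scheduler parent string assumes Windows 10 or later, and the sample events and reason labels are constructed for illustration.

```python
import re
from ntpath import normpath  # Windows path rules on any OS

# rundll32[.exe] <dll | "quoted dll">,<export>
RUNDLL32 = re.compile(
    r'rundll32(?:\.exe)?"?\s+(?:"([^"]+)"|([^\s,]+))\s*,\s*([^\s,]+)', re.I)
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")
SCHED = r"C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule"

def parse_rundll32(cmdline):
    """Return (dll, export) from a rundll32 command line, or None."""
    m = RUNDLL32.search(cmdline)
    return ((m.group(1) or m.group(2)), m.group(3)) if m else None

def findings(ev):
    """List the anomaly reasons for one process-creation event."""
    parsed = parse_rundll32(ev.get("CommandLine", ""))
    if parsed is None:
        return []
    dll, export = parsed
    reasons = []
    # Relative names also land here, so expect to allowlist known tasks.
    if not normpath(dll).lower().startswith(SYSTEM_DIRS):
        reasons.append("dll-not-in-system-dir")
    if export.lower() == "dllregisterserver":
        reasons.append("registration-export-via-rundll32")
    parent = ev.get("ParentCommandLine", "").lower()
    if "svchost.exe" in parent and "-s schedule" in parent:
        reasons.append("spawned-by-task-scheduler")
    return reasons

def is_suspicious(ev):
    """Alert on scheduler-launched rundll32 with one more anomaly."""
    r = findings(ev)
    return "spawned-by-task-scheduler" in r and len(r) >= 2

# Constructed sample events (field names follow Sysmon Event ID 1).
EVENTS = [
    {"CommandLine": "rundll32.exe twain_96.dll,DllRegisterServer",
     "ParentCommandLine": SCHED},
    {"CommandLine": r"C:\Windows\System32\rundll32.exe "
                    r"C:\Windows\System32\shell32.dll,Control_RunDLL",
     "ParentCommandLine": r"C:\Windows\explorer.exe"},
    {"CommandLine": r'"C:\Windows\System32\rundll32.exe" '
                    r'"C:\Users\Public\Doc Tools\upd.dll",Start',
     "ParentCommandLine": SCHED},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(is_suspicious(ev), findings(ev), ev["CommandLine"])
```

Matching on the parent process and DLL location rather than the file name is what lets this catch a task that mimics maintenance with a plausible-looking DLL name.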
 