The digital security company ESET published the 3rd Quarter 2022 Threat Report (T3 2022 Threat Report), which summarizes the statistics recorded by the company's detection systems, but also the most important findings from cyber security investigations it has conducted.
The latest issue of her Threat Report ESET (covering the period October-December 2022) highlights the impact of the ongoing war in Ukraine and its implications on the international scene and cyber security. The Russian invasion still has significant impact on prices of energy, inflation and cyber threats, with his sector ransomware to experience some of the biggest changes.
“The war in Ukraine has created a gap in the operators ransomware, with some attacking and others fending off attacks. Attackers also use increasingly destructive tactics, such as the development of malicious wipers which imitate the ransomware and encrypt the victim's data with no intention of providing a decryption key," explains o Roman Kovthank you Chief Research Officer of ESET.
Ο war also affected the attacks brute-strength against exposed services RDP, but despite the reduction of these attacks in 2022, the password disclosure method (Password guessing) remains the most popular way to attack networks. The vulnerability Log4j, for which the corrections patches are available from December 2021, it is still in second place in the ranking of external hacking agencies.
The report also explains the impact cryptocurrency exchange rates and skyrocketing energy prices have on various crypto-threats, with cryptocurrency-related scams seeing a resurgence. In the third quarter of 2022, its products ESET they recorded 62% increase in websites Phishing referring to cryptocurrenciesWhile FBI recently issued a warning about cryptocurrency investment scams. The total scans infostealer were on a downward trend both in the third quarter and the whole of 2022 - however, banking malware was an exception, with detections doubling compared to the previous year.
Other trends in the third quarter include; the increased phishing activity (Phishing) during the holiday season and the increase in detections adware for Android due to malicious versions of mobile games being placed on third-party app stores before Christmas. “On the platform Android an increase in was also observed spyware throughout the year due to easily accessible kits spyware which are available on various online forums and used by amateur attackers," added Kováč.
Η 3rd Quarter 2022 Threat Report ESET it also examines the most important findings and achievements of its researchersESET.
So, this quarter, its researchers ESET they found:
On spearphishing attack campaign called MirrorFace against high-profile political actors in Japan, and the new ransomware named RansomBoggs that attacks organizations in Ukraine.
Her researchers ESET they also identified a campaign run by the infamous team Lazarus, through which they are sent spearphishing emails containing documents with fake job offers. One of the decoys was sent to an aerospace company employee.
About the supply chain attacks, its experts ESET they detected a new malware wiper and its execution tool, which attribute to team APT Agrius, targeting users of an Israeli software suite used in the diamond industry.
In addition to these findings, the report also presents the recommendations that its researchers made public ESET the last few months and the speeches planned for the conferences RSA and Botconf.
You can read its 3rd Quarter 2022 Threat Report ESET on blog of ESET the WeLiveSecurity.