The security company ESET published the 2rd Quarter 2022 Threat Report (PDF), which summarizes the statistics recorded by the company's detection systems, as well as the most important findings from cybersecurity investigations it has conducted.
The last issue of its Threat Report ESET covers the period May-August 2022 and sheds light on the most common phishing baits, how plummeting cryptocurrency exchange rates have affected online threats, changes seen in ransomware which is done for ideological reasons, in his activity Emotet, και τέλος στη συνεχή ραγδαία εξασθένιση των επιθέσεων του πρωτοκόλλου απομακρυσμένης επιφάνειας work (RDP).
After the sharp decline seen in the first quarter of 2022, the total number of attempted RDP attacks in 2ο quarter of 2022 decreased by 89%. Its analysts ESET believe that the reasons that the attacks type RDP continued to plummet are the return of workers to offices after the COVID pandemic crisis, the overall improvement in security measures taken by businesses and the war Russias-Ukraine.
However, despite the number of attacks type RDP decreased, Russian IP addresses remained the most responsible for most of them.
"At the same time, in the first quarter of 2022, Russia was also the country that was the biggest target of attacks type ransomware, with some of the attacks being politically or ideologically motivated due to the war. However, its Q2 2022 Threat Report ESET shows that this wave of hacktivism was reduced to 2o quarter and the operators ransomware turned their attention to the United States, the China and Israel" explains o Roman Kovthank you Chief Research Officer of ESET.
In relation to Emotet, according to her telemetry ESET, August was a month of… holidays for malware managers. Moreover, the gang behind it adjusted according to its decision Microsoft to disable macros VBA in documents sourced from the internet and focused on campaigns based on weaponized archives Microsoft Office and files LNK.
Η report it also looks at the threats that mainly affect them household users.
The references Phishing of ESET they showed a sixfold increase of baits Phishing for purported product shipments, which most often present victims with false claims of it DHL and USPS to verify shipping addresses.
"Regarding the threats that directly affect the virtual and physical currencies, one websites skimmer known as Magecart remains the top threat that preys on credit card information online buyers. We also saw double increase of baits Phishing on the topic of cryptocurrencies and the increase in the number of cryptostealers" explains o Kováč.
Η 2rd Quarter 2022 Threat Report ESET it also examines the most important ones foundings and accomplishments of researchers of ESET.
So, this quarter, her researchers ESET they found :
- a hitherto unknown MacOS backdoor cuts and later attributed it to team scarcruft
- an updated version of ArguePatch malware loader team's APT by name sandworm
- payloads of group Lazarus into a trojanized apps
- vulnerabilities buffer overflow on UEFI firmware of Lenovo, and end
- a new attack campaign that uses as bait a its fake software update Salesforce.
Also, its researchers ESET analyzed a case of the campaign Operation In(ter)ception team's Lazarus which targeted macOS devices.
In addition to these findings, the report also presents the recommendations made publicly by its researchers ESET the last few months and the speeches planned for the conferences AVAR, Ekoparty And much more.