ESET Analysis
Closing intrusion vectors drive cybercriminals to revisit previous assault avenues, but additionally to search for new methods to assault their victims
12 Sep 2023
Sextortion emails and different text-based threats have been on a large enhance in H1 2023 and the query stays why. Are criminals simply lazy? Are they making an attempt to earn simple cash throughout their days off? Or is that this part of one thing larger, probably involving generative AI?
And that’s simply scratching the floor of the traits noticed within the latest ESET Threat Reportthe main target of this episode. One other intrusion vector that has seen elevated consideration from cybercriminals was MS SQL servers that needed to stand up to a renewed enhance in brute drive assaults.
Oh, and let’s not neglect the legal apply of usury, showing within the type of malicious Android apps. Trying to find victims within the international locations across the equator and within the southern hemisphere, cybercriminals attempt to strain and threaten victims into paying exorbitant rates of interest on short-term loans – which generally, they don’t even present.
But, it wasn’t all unhealthy in H1 2023. One piece of fine information was that infamous Emotet botnet confirmed little exercise, working only some minor and surprisingly ineffective spam campaigns in March. After these have been over, it went silent. What caught the eye of researchers was a brand new performance resembling a debugging output. This feeds into the rumors that Emotet has been – a minimum of partially – bought to a different menace group that’s uncertain of how issues work.
One other optimistic story got here relating to Redline stealer. This infamous malware-as-a-service (MaaS) utilized by criminals to steal sufferer’s info and ship different malware has been disrupted by ESET researchers and their mates at Flare programs. The disruption took down a series of GitHub repositories essential to run RedLine management panels for the associates. As there was no backup channel, operators behind the MaaS must discover a totally different path to run their “service”.
For all these matters and extra from ESET Menace Report, hearken to the most recent episode of ESET Analysis podcast, hosted by Aryeh Goretsky. This time, he directed his inquiries to one of many authors of the report, Safety Consciousness Specialist Ondrej KuboviC.
For the total report from H1 2023, together with different matters corresponding to adjustments in cryptocurrency threats, malicious OneNote recordsdata, the primary double supply-chain assault – courtesy of Lazarus group – or the most recent developments within the ransomware scene, click here.
Mentioned:
- Sextortion and text-based threats 1:46
- Brute drive assaults on MS SQL servers 7:10
- Usury on Android apps 9:20
- Emotet exercise 13:25
- RedLine Stealer disruption 16:45
Writer:
Date: 2023-09-12 05:31:24
