I’m thrilled to present the Avast Q1/2023 Threat Report, which provides a comprehensive overview of the latest cyberthreats and emerging trends in the security landscape. Our Threat Labs team has analyzed extensive data to identify and block the most significant risks to people across the globe, including the growing threat of social engineering attacks. In fact, two out of three of our detections during this quarter were phishing, scams, or related online threats, as can be seen from the infographics below.

In this edition of our Threat Report, our featured story presents the evolving tactics used by cybercriminals to infect users. We, for example, highlight the sharp increase in OneNote documents abuse by malware groups such as Qakbot, IcedID, Redline, and Emotet. These groups are continually adapting their tactics to evade detection and infect unsuspecting users with malware. Our analysis sheds light on this emerging threat landscape and provides insights on how users can protect themselves from these evolving tactics.

Information stealers remain one of the top threats, with an overall risk of infection increasing significantly by 22% compared to Q4/2022. This trend is particularly evident in Japan, which experienced an 86% increase in such attacks. Our team has also protected 333% more users from Raccoon Stealer activity, and this information stealer is now on par with the most popular information stealers, such as AgentTesla. Additionally, we discovered a new malware called NeedleDropper that is primarily used for distribution of these stealers.

East Asia, including Japan, Taiwan, and China, experienced a significant increase in adware activity this quarter. Additionally, the Russian DDosia project underwent a significant development, with 7,300 members now being involved in these malicious activities. Furthermore, coinminers continue to pose a threat in the Balkans, with a global shift from standalone miners like XMRig to webminers doing their dirty business in victims’ browsers.

The report also includes our latest efforts in combating ransomware, which involved the release of two new free decryption tools for the BianLian and MeowCorp (Conti offspring) ransomware families. In addition, we’ve seen some positive news about cybercriminal busts, particularly in Europe, targeting groups such as NetWire, DoppelPaymer, and Hive. The more cybercriminals that we can bring to justice, the better.

Moreover, several Remote Access Trojans (RATs) boosted their presence significantly, including Remcos, AsyncRat, and DarkComet, many of which had the help of the DBatLoader loader, particularly in the Czech Republic, Argentina, and Mexico, where the related risk ratio doubled this quarter. Our researchers have been actively identifying zero-day exploits employed by threat actors in the wild. One such exploit was discovered in the highly popular MOBA game, Dota 2.