A new wave of sophisticated hacker attacks is coming, experts warn (mobilenet.cz)


According to the current overview of threats for devices with the Windows operating system in the Czech Republic, the most frequently detected malicious codes in May were Agent Tesla spyware, Formbook spyware and Fareit password stealer. In all cases, it is malware that focuses on stealing sensitive data, especially user passwords.


“The most frequently detected malicious code in May was the Agent Tesla spyware, and we recorded a major offensive campaign worldwide on May 30. Interestingly, however, this campaign was practically non-existent in the Czech Republic, and the spyware attacked around the middle of the month, on May 12 and 15,” says Martin Jirkal, head of the analytical team at ESET Research in Prague. “The spyware attacks primarily through dangerous e-mail attachments. In May, users could find, for example, attachments named Factura.exe or PO # 22687_pdf.exe in their e-mails. The attackers used only attachments from global campaigns and did not localize them into Czech,” he adds.

The decline in detections may be a harbinger of new attacks


Even in the case of the Formbook spyware and the Fareit password stealer, the attackers did not actively use Czech in May. Fareit most often hid in attachments called “Purchase Inquiry.exe” or “Termination Letter.exe”. Formbook most often appeared in the attachment “RFQ-22-03795.exe”, and its campaigns were conducted mainly in Serbian. “The only case in which the attackers probably intentionally used Czech in the attack campaign was an attachment from the Fareit password stealer attack from May 9 to 10, entitled Orders (P.O_R6790074) _INTERCOM_Bohemia.exe. It was a case where the attackers tried to create a targeted attack beyond the global campaign. However, we repeatedly see that they do not use Czech correctly, which fortunately can warn users in time,” explains Jirkal.


Although security experts monitor the Agent Tesla and Formbook spyware and the Fareit password stealer in the Czech environment on a regular, long-term basis, they recorded an overall decline in their activity in May. Each of them appeared in about a tenth of all detections.


“We have been observing this downward trend in the number of detected cases since April this year. Since about February, we have also been watching how the order of the most common malicious codes for the Windows operating system in the Czech Republic changes regularly. The Formbook spyware, for example, came to the fore last month, although we have so far detected the Agent Tesla spyware as the biggest threat without major fluctuations. How much this situation is affected by current geopolitical events and the related activity of the attacking groups will probably be seen in time. In our experience, this is probably a period of rest before a larger wave of new and more successful attacks,” explains Jirkal.

Let’s not underestimate the security of our login details

The main target of all the attacks mentioned is user passwords. Once the passwords are stolen, the attackers can monetize them on the black market or use them for further attacks. Security experts have repeatedly advised users not to underestimate the secure management of their credentials. In a spyware attack, the passwords that users store in their Internet browsers are most at risk. They are not properly secured against these attacks.


“We know from regular surveys that the creation of strong passwords and their subsequent safe storage has long been underestimated in the Czech Republic. A strong password should be at least ten characters long and use characters such as uppercase and lowercase letters, numbers, or special characters, if the service allows it. However, users usually need to write down more complex passwords somewhere, and this is where a security gap most often arises,” says Jirkal of ESET Research.


Suitable specialized tools that store passwords in encrypted form include password managers, which users can purchase as a standalone service or as part of quality security solutions. In addition, modern antivirus software, thanks for example to machine learning technology, can effectively protect devices and sensitive data from attack if a user downloads a dangerous attachment from their e-mail.

The most common cyber threats to the Windows operating system in the Czech Republic in May 2022:

  1. MSIL/Spy.AgentTesla trojan (14.06%)
  2. Win32/PSW.Fareit trojan (10.67%)
  3. Win32/Formbook trojan (9.18%)
  4. MSIL/Spy.Agent.AES trojan (4.82%)
  5. Win32/Agent.TJS trojan (3.84%)
  6. MSIL/Spy.Agent.CVT trojan (2.30%)
  7. Win32/Spy.Weecnaw trojan (1.67%)
  8. BAT/CoinMiner.AUB trojan (1.37%)
  9. VBS/KillAV.NAS trojan (1.26%)
  10. Win32/Rescoms trojan (1.11%)
