Russia has become the main target of ransomware attacks | TechBuzz

Shortly before the Russian invasion, ESET’s telemetry saw a sharp drop in Remote Desktop Protocol (RDP) attacks. The decline in these attacks comes after two years of steady growth, and this turnaround may be related to the war in Ukraine. However, despite this decline, almost 60% of incoming RDP attacks recorded in the first months of 2022 come from Russia.

While in the past ransomware threats tended to avoid targets in Russia, from January to April 2022, according to ESET’s telemetry, Russia was the most common target. Security experts have even detected a type of ransomware locking the screen with the link “Glory to Ukraine!”. Since the Russian invasion of Ukraine, the number of amateur ransomware and wiper samples has increased. Their authors often pledge support for one of the warring parties and carry out the attacks as personal revenge.

“In connection with the ongoing war, we also detected several new malware attacks of the wiper type, in which we believe that the motive for the attackers was not the vision of financial reward, as is the case with malware attacks. This time, the attackers focused on specific organizations in order to impair their ability to respond,” explains Robert Šuman, Head of ESET’s Prague Research Department. In April, ESET also uncovered a new variant of the Industroyer malware, through which attackers targeted a large part of Ukraine’s high-voltage power grid. The attack was unsuccessful, thanks to security analysts from ESET Research.

Scams and phishing campaigns

Spam and phishing campaigns became a big topic immediately after the invasion on February 24. Through fake charity collections, fraudsters began to abuse the solidarity of people who wanted to support the victims of the conflict. On the same day, ESET’s telemetry saw a large increase in spam detections. Common malware, the spread of misinformation, scams and phishing campaigns were also on the rise in the Czech Republic at the beginning of the year. Currently, a big topic is phishing scams on internet bazaars.

“Although it is not hard malware, attacks using social engineering techniques are a very dangerous offensive strategy and an area that grew significantly in the first half of the year,” adds Robert Šuman.

Emotet email malware

ESET’s telemetry also identified a number of other threats that were not primarily related to the international geopolitical situation. “After last year’s attempts to stop the spread, the infamous Emotet malware has reappeared in our telemetry, which is spread mainly through spam e-mails,” says Šuman. In the first four months of this year, the attackers ran one spam campaign after another, while the number of Emotet detections increased more than a hundredfold. However, as noted in the ESET Threat Report, this could be the last campaign to rely on malicious macros, due to a recent move by Microsoft to disable macros in Office files obtained from the internet by default. After this change, the attackers using Emotet began testing other attack vectors on much smaller samples of victims.

Cryptocurrency malware

ESET Research has also uncovered sophisticated malware aimed at stealing cryptocurrency from devices running the Android and iOS operating systems. The trojanized applications look like official crypto-wallets (Coinbase, imToken, MetaMask, Trust Wallet, Bitpie, TokenPocket or OneKey) and have the same functionality, but they behave differently depending on the operating system on which they are installed. If a legitimate version of the app is already installed on Android, the malicious app can’t overwrite it. In contrast, on iOS the victim may have both a legitimate and a malicious version of the application installed.

After a relatively long period of “bull markets”, when the value of the cryptocurrency market has grown, so-called “bear markets” open up good investment opportunities and an increase in cryptocurrency fraud can be expected. Therefore, especially new investors in cryptocurrencies should choose a mobile application to manage their funds carefully. According to the latest ESET Threat Report, more than a dozen of these fake applications were still available on Google Play in January 2022.

“Although the presence of cryptocurrency malware mostly mimics the evolution of the cryptocurrency rate, with sanctions imposed on Russian cryptocurrency companies and the adoption of bitcoin as the legal currency in the Central African Republic, it is relatively difficult to predict how the threat will develop,” adds Robert Šuman.
