Kaspersky provides an insight into the financial threats of the coming year 2022: financial systems at risk, info dealers on the rise, and attacks on cryptocurrencies through wallets with backdoors.
In the coming year - according to forecasts by Kaspersky - state-supported groups will increasingly target the cryptocurrency industry and cybercriminals will take advantage of investors by creating fake wallets with backdoors. In addition, attacks on payment systems and more advanced mobile threats are on the rise.
Cryptocurrencies: The faster money for cyber criminals
Cyber criminals like to exploit changes and upheavals for their own purposes and adapt to new situations. With most of them pecuniary intent, financial threats have always been a significant part of the threat landscape. Based on this year's observations, the Kaspersky experts present their predictions for the coming year:
- Targeted attacks on cryptocurrencies will increase. Because cryptocurrencies are a digital commodity and all transactions take place online, they offer users anonymity - an interesting feature not only for cyber criminals but also for government-backed threat actors who have targeted cryptocurrencies. Kaspersky has watched APT groups attack the cryptocurrency business [2] and expects these activities to continue.
- Security flaws and fake hardware wallets as crypto hardware-based threats. As attacks on cryptocurrencies become more targeted, cybercriminals keep coming up with new ways to steal investors' financial assets. Kaspersky researchers predict that cyber criminals will expand the manufacturing and distribution of counterfeit devices with backdoors, followed by social engineering campaigns and other techniques to steal their victims' financial assets.
- The acceleration and consolidation of info dealers. To make attacks easier, affordable, and effective, infostealers will play a key role in attacks against financial assets - at least for data collection purposes. Various threat actors will use it to create a profile of the victims for further attacks. These include targeted ransomware attacks, traditional, targeted attacks and other strategic cyber attacks.
- More mobile banking Trojans. The pandemic has further developed mobile banking and so the experts at Kaspersky expect more mobile banking Trojans for the Android platform and in particular RATs that can bypass the security measures used by banks (such as OTP and MFA). Local, regional Android implant projects will spread globally and attacks will spread to Western Europe and other countries around the world.
“This year has been a challenge for many companies: managing remote access for employees, patching internet-connected hardware systems to ward off ransomware attacks, a significant growth in mobile banking and its malware implants,” explains Dmitry Bestuzhev , Head of the Global Research and Analysis Team (GReAT) at Kaspersky in Latin America.
The challenge of remote access for employees
“Cyber criminals have not shied away from targeting markets. We have observed that previously only regionally active cybercriminals are now expanding to other regions of the world; this complicates the work of cybersecurity professionals. Therefore, it is vital that we navigate the ever-evolving landscape of financial threats and share our expertise. In this way, we can help companies prepare for and protect themselves against these threats.”
The financial forecasts are part of Kaspersky Vertical Threat Predictions for 2022, one of the segments of Kaspersky Security Bulletin (KSB) - an annual series of forecast and analytical reports on key changes in the world of cybersecurity.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/