As the current ESET Threat Report T3 2022 shows, there are increasing cyber threats everywhere as a result of the Ukraine war. The cyber war has fully unfolded with new ransomware, wipers, DDoS or brute force attacks on accounts.
IT security manufacturer ESET has published its T3 2022 threat report, which summarizes the most important statistics of ESET detection systems and highlights notable examples from cybersecurity research. The latest edition of the so-called "ESET Threat Report" (September to December 2022) highlights the impact of the ongoing war in Ukraine and its consequences for the world, including cyberspace. The invasion continues to have major impacts on energy prices, inflation, and cyber threats. The ransomware scene is undergoing some of the biggest changes.
Cyber War in Ukraine
Since the beginning of the Russian invasion of Ukraine, ransomware has increased its destructive capabilities. During the last third of the year, several ransomware-like wipers targeting Ukrainian institutions have appeared. “The ongoing war in Ukraine has created a split among ransomware operators. Some of them support aggression, others oppose it. Attackers have increasingly used destructive tactics, such as using wipers that mimic ransomware. In doing so, they encrypt the victim's data - but with no intention of ever providing a decryption key," explains Roman Kováč, Chief Research Officer at ESET.
Brute force attacks against RDP services
The war also encourages brute force attacks against exposed RDP services. The daily average was about 100 million attempts (compared to 1 billion in T2022 2022). Despite the nominal decline in XNUMX, password cracking remains the most popular network attack vector.
Log4j vulnerability still under investigation
The Log4j vulnerability, for which patches have been available since December 2021, continues to rank second in the ranking of external attack vectors. Attack attempts on Log4j increased by nine percent in the third quarter of 2022.
Cryptocurrency scams
The report also explains the impact of cryptocurrency prices and rising energy prices on various crypto threats. Cryptocurrency crimeware threats decreased by 3 percent in T2022 25 and nearly halved year-on-year. Infostealer detections have been declining for both the period under review and for 2022 as a whole.
In contrast, cryptocurrency scams experience a real renaissance in the months of September to December. ESET products blocked 62 percent more phishing websites dealing with cryptocurrencies during this period. Banking malware is also on the rise. Their discoveries doubled compared to the previous year.
Cybercrime campaigns are becoming more sophisticated
The ESET T3 2022 Threat Report also provides an overview of key findings and achievements from ESET researchers. They discovered a MirrorFace spearphishing campaign targeting high-level Japanese political bodies and a new ransomware called RansomBoggs. This targeted several organizations in Ukraine and bears the fingerprints of the APT group Sandworm.
Campaign of the Lazarus Group
ESET researchers also discovered a campaign by the notorious Lazarus Group targeting victims with spearphishing emails containing documents containing fake job offers. One of these decoys was sent to an employee at an aerospace company in the Netherlands.
New wiper discovered
For supply chain attacks, ESET experts found a new wiper and its execution tool. Behind it one suspects the APT group Agrius. They targeted users of an Israeli software suite widely used in the diamond industry.
More at ESET.com
About ESET ESET is a European company with headquarters in Bratislava (Slovakia). ESET has been developing award-winning security software since 1987 that has already helped over 100 million users enjoy secure technology. The broad portfolio of security products covers all common platforms and offers companies and consumers worldwide the perfect balance between performance and proactive protection. The company has a global sales network in over 180 countries and branches in Jena, San Diego, Singapore and Buenos Aires. For more information, visit www.eset.de or follow us on LinkedIn, Facebook and Twitter.