Modern malware turns users into accomplices.
Gen Digital's new Q3 Security Threat Survey reveals the rapidly increasing complexity of the threat landscape. The main trends are the growth of social engineering attacks, a significant increase in the number of ransomware, and the development of new types of malware targeting both desktop and mobile devices.
The report noted the type of "hack-in-yourself" attacks, which increased by 614% in the third quarter compared to the previous quarter, and the total number of blocked cases exceeded 2 million. This approach uses social engineering techniques to trick users into performing actions that lead to infecting devices on their own. Examples include fake CAPTCHAs, but actually infect systems with malicious scripts.
The attacks are often spread through fake YouTube tutorial videos, fake browser updates, and instructions on how to fix bugs in software. Attackers also encourage users to disable antivirus programs to avoid threat detection. Cybercriminals use such campaigns to install infostealers that collect user data, including passwords and financial information.
Ransomware attacks also increased by 24%. Of particular concern is the Lumma Stealer, a malware distributed using the MaaS model. The tool contributed to a 39% increase in infostealer activity. Such threats successfully bypass existing defenses, making them particularly dangerous.
Mobile devices are dominated by banker Trojans and spyware. The Rocinante virus, developed to steal banking data, has become widespread in Brazil. In Europe, new versions of Octo and TrickMo have appeared, which use vulnerabilities to capture user data. The NGate spyware, which steals NFC data to withdraw funds from ATMs, has become one of the main threats in the Czech Republic.
Cryptocurrency scams continue to gain popularity, facilitated by deepfake technologies. With their help, attackers create convincing videos that use images of famous people to draw attention to fake investment schemes. The use of such methods allows criminals to influence the mass audience and convince them of the need to invest in fictitious cryptocurrency projects.
The third quarter of 2024 showed a rapid increase in the sophistication of cyber threats, where the main weapon of attackers remains deceiving users. Experts recommend updating systems, avoiding suspicious links, and using antivirus solutions to protect yourself.
Source
Gen Digital's new Q3 Security Threat Survey reveals the rapidly increasing complexity of the threat landscape. The main trends are the growth of social engineering attacks, a significant increase in the number of ransomware, and the development of new types of malware targeting both desktop and mobile devices.
The report noted the type of "hack-in-yourself" attacks, which increased by 614% in the third quarter compared to the previous quarter, and the total number of blocked cases exceeded 2 million. This approach uses social engineering techniques to trick users into performing actions that lead to infecting devices on their own. Examples include fake CAPTCHAs, but actually infect systems with malicious scripts.
The attacks are often spread through fake YouTube tutorial videos, fake browser updates, and instructions on how to fix bugs in software. Attackers also encourage users to disable antivirus programs to avoid threat detection. Cybercriminals use such campaigns to install infostealers that collect user data, including passwords and financial information.
Ransomware attacks also increased by 24%. Of particular concern is the Lumma Stealer, a malware distributed using the MaaS model. The tool contributed to a 39% increase in infostealer activity. Such threats successfully bypass existing defenses, making them particularly dangerous.
Mobile devices are dominated by banker Trojans and spyware. The Rocinante virus, developed to steal banking data, has become widespread in Brazil. In Europe, new versions of Octo and TrickMo have appeared, which use vulnerabilities to capture user data. The NGate spyware, which steals NFC data to withdraw funds from ATMs, has become one of the main threats in the Czech Republic.
Cryptocurrency scams continue to gain popularity, facilitated by deepfake technologies. With their help, attackers create convincing videos that use images of famous people to draw attention to fake investment schemes. The use of such methods allows criminals to influence the mass audience and convince them of the need to invest in fictitious cryptocurrency projects.
The third quarter of 2024 showed a rapid increase in the sophistication of cyber threats, where the main weapon of attackers remains deceiving users. Experts recommend updating systems, avoiding suspicious links, and using antivirus solutions to protect yourself.
Source
