Latest ESET Threat Report Highlights Security Incidents, AI-themed attacks, and Spyware Cases

Latest ESET Threat Report Highlights Security Incidents, AI-themed attacks, and Spyware Cases

ESET has released its latest Threat Report, which summarizes threat landscape trends seen in ESET telemetry and from the perspective of ESET threat detection and research experts from June 2023 through November 2023. The second half of 2023 witnessed significant cybersecurity incidents.

Cl0p, a notorious cybercriminal group known for carrying out ransomware attacks on a major scale, garnered attention via its extensive “MOVEit hack,” which surprisingly did not involve ransomware deployment. In the IoT landscape, ESET researchers have identified a kill switch that has successfully rendered the Mozi IoT botnet nonfunctional.

Amidst the prevalent discussion regarding AI-enabled attacks, ESET has identified specific campaigns targeting users of tools such as ChatGPT and the OpenAI API. With spyware, there has been a significant increase in Android spyware cases, mainly attributed to the presence of the SpinOk threat.

“The Cl0p attack targeted numerous organizations, including global corporations and US governmental agencies. A key shift in Cl0p’s strategy was its move to leak stolen information to public websites in cases where the ransom was not paid, a trend also seen with the ALPHV ransomware gang,” explains ESET Director of Threat Detection Jiří Kropáč.

A new threat against IoT devices, Android/Pandora, compromised Android devices — including smart TVs, TV boxes, and mobile devices — and used them for DDoS attacks. ESET Research also noticed a considerable number of attempts to access malicious domains with names resembling “ChatGPT,” seemingly in reference to the ChatGPT chatbot. Threats encountered via these domains include web apps that insecurely handle OpenAI API keys, emphasizing the importance of protecting the privacy of users’ OpenAI API keys.

Among Android threats, SpinOK spyware is distributed as a software development kit and is found within various legitimate Android applications. On a different front, the second most recorded threat in H2 2023 is malicious JavaScript code detected as JS/Agent, which continues to be injected into compromised websites.

On the other hand, the increasing value of bitcoin has not been accompanied by a corresponding increase in cryptocurrency threats, diverging from past trends. However, cryptostealers have seen a notable increase, caused by the rise of the malware-as-a-service infostealer Lumma Stealer, which targets cryptocurrency wallets.

 

Dormant accounts can be a big risk

Dormant accounts can be a big risk

Phil Muncaster, guest writer for ESET, cautions that long-forgotten online accounts could pose…
Deepfakes threating corporates now

Deepfakes threating corporates now

Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet,…
Protect Yourself from Online Betting Scams

Protect Yourself from Online Betting Scams

Phil Muncaster, guest writer at ESET, emphasizes don’t roll the dice…
Push Security secures $30 million Series B funding

Push Security secures $30 million Series B funding

Push Security, a pioneer in detecting and responding to modern identity attacks…
Pemo enters Saudi Arabia in partnership with neoleap

Pemo enters Saudi Arabia in partnership with neoleap

Pemo, the all-in-one spend management platform, has officially launched…
TruBuild raises $1 million to enhance its AI platform

TruBuild raises $1 million to enhance its AI platform

TruBuild, the AI-powered construction technology startup focused on preventing delays and unexpected…