Sextortion emails and other text-based threats have seen a significant increase in the first half of 2023, leaving experts puzzled as to the reasons behind this surge. The latest ESET Threat Report sheds light on this trend and explores other noteworthy developments in the cybercrime landscape. Evidently, cybercriminals are revisiting old attack avenues and exploring new ways to target their victims.
One intrusion vector that has regained the attention of cybercriminals is MS SQL servers, which have experienced a renewed wave of brute-force attacks. In these attacks, cybercriminals repeatedly try password combinations until one grants them unauthorized access to the targeted server. This highlights the importance of strengthening the security measures surrounding MS SQL servers to prevent potential breaches.
Another concerning practice observed by ESET researchers involves malicious Android apps engaging in usury. In regions near the equator and in the southern hemisphere, cybercriminals use these apps to pressure and threaten victims into paying exorbitant interest rates on short-term loans, even though these criminals often fail to provide the promised loans. This underscores the need for heightened awareness regarding the risks associated with downloading and using unauthorized apps.
However, amidst these alarming trends, there is some positive news. The notorious Emotet botnet, known for its malicious activities, displayed minimal activity in the first half of 2023. It only conducted a few minor and ineffective spam campaigns in March before going silent. Researchers observed a new functionality resembling a debugging output, which suggests that Emotet might have been sold to another threat group struggling to navigate its intricacies.
Additionally, ESET researchers and their partners at Flare Systems successfully disrupted the RedLine stealer, a highly problematic malware-as-a-service (MaaS) utilized by criminals to steal sensitive information and distribute other malware. By targeting the chain of GitHub repositories crucial for operating RedLine control panels, the researchers managed to disrupt the MaaS’s infrastructure. This setback forces the operators behind RedLine to seek alternative methods to continue their malicious activities.
To delve deeper into the topics covered in the ESET Threat Report for H1 2023, listeners are encouraged to tune in to the latest episode of the ESET Research podcast hosted by Aryeh Goretsky. In this episode, Security Awareness Specialist Ondrej Kubovič discusses the various findings and insights highlighted in the report.
For a comprehensive overview of the entire report, including discussions on cryptocurrency threats, malicious OneNote files, the first double supply-chain attack orchestrated by the Lazarus group, and the latest developments in the realm of ransomware, interested individuals can consult the full report.
In conclusion, the evolving threat landscape continues to challenge cybersecurity professionals, necessitating constant vigilance and adaptable defense strategies. The rise of sextortion emails, brute-force attacks on MS SQL servers, Android apps engaging in usury, and other cyber threats underscores the need for organizations and individuals to remain proactive in safeguarding their digital assets and personal information.