Today ESET released its T3 2022 threat report, summarizing key statistics from ESET detection systems and highlighting notable examples of their findings from October to December 2022. Most notably, the report found:
While malware use is down, crypto phishing has increased by 62%.
The impact of Russia's invasion on digital threats
While crimeware is decreasing, cryptocurrency related scams are rising
Banking malware detections more than doubled in a year-to-year comparison
The report also found that the war in Ukraine had a major impact on the country and its population, including the cyber realm. Ransomware operators had a divided response, with some supporting and others opposing the aggression. The attackers have used increasingly destructive tactics, such as deploying wipers that mimic ransomware but do not provide decryption keys. The war also affected brute-force attacks against RDP services, causing a decline in 2022. This decline might also be due to a decrease in remote work, better setup and countermeasures by IT departments, and a new blocking feature built into Windows 11. Most of the RDP attacks detected in 2022 came from Russian IP addresses.
Attack Vectors
In terms of attack vectors, password guessing was the most favored network attack vector in T3 2022. Log4J vulnerability was second in the external intrusion vector ranking despite remedies being available since December 2021. Crypto-threats were affected by declining cryptocurrency exchange rates and rising energy prices. Cryptostealers and cryptominers declined, but cryptocurrency-related scams increased. December's holidays led to increased phishing activity and malicious mobile game releases.
Platforms and Industries
The Android platform also saw an increase in spyware and adware. Banking malware was an exception, with detections doubling year-over-year. ###