Positive Technologies: 51% of successful malware attacks start with phishing


(MENAFN- Active DMC) Positive Technologies, a leader in result-driven cybersecurity, has unveiled a study of the current cyberthreats for Q1 2024. Malware remained the main weapon that cybercriminals use, while analysts recorded an increase in the use of remote control software. Attackers usually spread malware by email: 51% of successful cyberattacks on organizations started with phishing emails.
In Q1, the number of incidents increased by 19% year-on-year. Meanwhile, 78% of the attacks targeted organizations. The top targets of successful cyberattacks were government agencies (15%), IT companies (9%), and industry (8%).
The most common method for attacking companies was with malware, which accounted for 68% of successful cyberattacks. The most common types of malware are ransomware (43%), remote access trojans (RATs, 32%) and spyware (21%). The number of cyberattacks using spyware and encryption malware decreased by 4% and 11%, respectively. Meanwhile, analysts note that in the first three months of 2024, the number of attacks using RATs increased by 10% compared to Q4 2023.
"The increased attacker interest in RATs can be explained by the fact that much of today's malware is modular. As such, attackers can combine spyware, bootloaders, banking trojans, and even encryption malware, allowing them to cause greater damage to their victims," notes Dmitry Streltsov, an analyst from the Positive Technologies research group. "We predict that cybercriminals will continue increasing their use of modular programs by adding new features to them. However, it's too early to discount spyware and encryption malware, despite the decline in their use."

In over half of the attacks, the attackers spread malware via email. For example, Positive Technologies (The PT Expert Security Center) has detected a series of attacks by the cybergroup Lazy Koala, whose victims include organizations from Russia and the CIS. Attackers used phishing emails to convince recipients to open attachments and run the files in their browser. As a result, their devices were infected with malware that cybercriminals used to steal employee accounts.
Cyberattacks usually resulted in the leakage of confidential information (54%) and the disruption of core activity (33%). In data-centric attacks, attackers usually intended to seize personal information (37%), trade secrets (22%), and log-in details (17%). For example, in January, researchers discovered the largest database ever, with 26 billion entries of data on users of popular Russian and foreign social networks, as well as services such as Adobe, Dropbox, and Canva.
