Cybersecurity Cloud & Data

Tools of cyber trade: DDos Emotet phishing & geopolitics

The digital world progresses and seeps into our every aspect, but so do cyberattacks, breaches, ransomware, and malware.

According to Cloudflare DDoS threat report 2022 Q3, one of the largest attacks on the Internet was a 2.5 Tbps DDoS attack by a Mirai botnet variant aimed at a popular Minecraft server, Wynncraft, that didn’t even notice the attack. In fact, there was a 4x increase in network-layer DDoS attacks attributed to the Mirai botnet. This underscores why securing IoT devices is critical.

Read more: Financial services in APJ among the most cyberattacked verticals

Also, gaming/gambling was the most targeted industry, seeing a massive 381% increase in Q3.

In addition, application-layer DDoS attacks double year over year, with a 114% YoY increase in application-layer DDoS attacks targeting customers. Q3 saw ransom DDoS attacks increase for the third quarter in a row. September saw almost one out of every four respondents receiving a ransom DDoS attack or threat.

ESET says the most influential downloader strain, Emotet continued to be active, with detections seen mainly in Japan and Italy. Also, ESET phishing feeds showed a sixfold increase in shipping-themed phishing URLs, with the most commonly impersonated brands being USPS and DHL.

The Bahamut APT Group Targets Android Users

In November, ESET researchers identified an active campaign targeting Android users, conducted by the Bahamut APT group, a campaign that has been ongoing since the start of this year. Malicious spyware apps are distributed through a fake SecureVPN website that provides only trojanized Android apps to download.

HTTP DDoS attacks have increased by 111% compared to Q3 ’21 and have become cheaper and more accessible to launch – which contributes to their continued growth and presence around the globe

According to ESET, this website has no association whatsoever with the legitimate, multiplatform SecureVPN software and service. Malicious apps used in this campaign can exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as WhatsApp, Facebook Messenger, Signal, Viber, and Telegram.

ESET researchers discovered at least eight versions of the Bahamut spyware, which could mean the campaign is well-maintained. The malicious apps were never available for download from Google Play.

Cyber Geopolitics

Cyberattacks are also reflecting geopolitical tensions. Attacks targeting Taiwanese companies increased nearly 20-fold, and attacks on Russian websites surged 24x compared to last year. In the beginning of October, airports around the US were hit by DDoS attacks from a pro-Russian group called Killnet this week.

Cloudflare CTO, John Graham-Cumming, said, “HTTP DDoS attacks have increased by 111% compared to Q3 ’21 and have become cheaper and more accessible to launch – which contributes to their continued growth and presence around the globe.”

Read more: Cyber loot: Conti RaaS reaped US$180 million in 2021 from ransom payments

Although, the ESET Threat Report T2 2022 states a decline in politically motivated ransomware, as operators turned their attention from Russia back to their usual targets like the US, China, and Israel.

It saw a decline in the total number of RDP attack attempts owing to post-COVID return to offices, improved security, and the Russia-Ukraine war.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

Is AI Hitting a Plateau? The Scaling Debate OpenAI Prefers to Avoid

I think OpenAI is not being honest about the diminishing returns of scaling AI with…

15 hours ago

PayalGaming becomes India’s first female gamer to win an international award

S8UL Esports, the Indian esports and gaming content organisation, won the ‘Mobile Organisation of the…

23 hours ago

Funding alert: Tech startups that raked in moolah this month

The Tech Panda takes a look at recent funding events in the tech ecosystem, seeking…

2 days ago

Colgate launches AI-powered personalized dental screenings

Colgate-Palmolive (India) Limited, the oral care brand, launched its Oral Health Movement. The AI-enabled initiative…

2 days ago

The role of ASR in voice bots: Revolutionizing customer interaction through real-time recognition

This fast-paced business world belongs to the forward thinking organisations that prioritise innovation and fully…

3 days ago

Disrupting Fintech: How product studios are transforming financial services

In the rapidly evolving financial technology landscape, innovative product studios are emerging as powerful catalysts…

1 week ago