The latest ESET Threat Report describes significant cybersecurity trends and incidents spanning June to November 2023, highlighting a landscape marked by notable security events, AI-related attacks, and instances of Android spyware. The report focuses on key cyber threats, including a surprising deviation in the tactics of the notorious Cl0p cybercriminal group, known for large-scale ransomware attacks. Instead of deploying ransomware, Cl0p opted to leak stolen information on public websites when ransoms were not paid, a trend also observed with the ALPHV ransomware gang.
The report also emphasizes the increasing prevalence of spyware affecting Android technology, with the SpinOk threat contributing to the rising number of cases during the specified period. SpinOk spyware is distributed as a software development kit and is embedded within various legitimate Android applications.
Within the domain of artificial intelligence, the report identifies dedicated campaigns targeting users of AI tools like ChatGPT and the OpenAI API. ESET researchers also note a substantial number of attempts to access malicious domains resembling ChatGPT, posing potential threats to the privacy of OpenAI API users.
ESET’s Jiří Kropáč highlighted the identification of specific campaigns targeting AI tool users amidst the ongoing discussion about AI-enabled attacks. Additionally, a noteworthy observation was the numerous attempts to access malicious domains with names resembling “chapgpt,” indicating potential risks to the privacy of OpenAI API keys.
The Threat Report delves into the IoT landscape, highlighting Android/Pandora, a new threat against IoT devices. This malware compromises Android devices, including smart TVs, TV boxes, and mobile devices, utilizing them for Distributed Denial of Service (DDoS) attacks. On a positive note, ESET researchers discovered a kill switch that successfully neutralized the Mozi IoT botnet.
Despite an elevated value of Bitcoin, the report notes an unusual absence of a corresponding increase in cryptocurrency threats. Conversely, the emergence of the malware-as-a-service infostealer Lumma Stealer led to an uptick in cryptostealer threats, particularly focused on cryptocurrency wallets.
The ESET Threat Report provides a comprehensive view of the current digital threat landscape, covering malware campaigns and shifts in cybercriminal tactics. This snapshot offers valuable insights for individuals and organizations navigating the complex web of digital threats, facilitating informed strategies for secure and safe technological use.