ESET Threat Report T1 2021


A view of the T1 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts



During the first four months of this year, the COVID-19 pandemic was still the number one news topic around the world; however, it became notably less prominent in the threat landscape. One could say “fortunately”, yet as you’ll see in our latest report, we are continuing to see worrying examples of cybercrooks being able to rapidly abuse trending vulnerabilities and configuration flaws, with a focus on the highest ROI.


These abuses include the RDP protocol still being the number one target of brute-force attacks, increased numbers of cryptocurrency threats, and a steep increase in Android banking malware detections.


While examining these threats, our researchers also analyzed a vulnerability chain that allows an attacker to take over any reachable Exchange server. The attack has become a global crisis and our researchers identified more than 10 different threat actors or groups that likely leveraged this vulnerability chain.


Many servers around the world stayed compromised, so in the United States, the FBI decided to solve this issue by using the access provided by the malicious webshells themselves as an entry point to remove the webshells. This demonstrated the US government’s commitment to disrupting hacking activity using any and all legal tools that apply, not just prosecutions.


Similarly, following a large-scale, global operation to take down the infamous Emotet botnet, law enforcement pushed a module to all infested devices to uninstall the malware. Will this become a new trend? Will we see law enforcement adopt a more proactive approach to solving cybercrime cases in the future? We’ll keep an eye out for that.


Before you dive into our l ..
