Saturday, June 15, 2024

2023 Threat Report – Dramatic Surge in Social Engineering and Web Attacks

The Second quarter of 2023 has shown a significant increase in the overall cyber-threat risks. The blocking of unique web attacks rose to 24% which accounts for more than 700 million unique blocked attacks each month.

Among these cyber risks, Social engineering and web-related threats have surged drastically, which include scams, Phishing, Adware, Trojans, File Infectors, and other types of risks when compared to other cyber threats.

Threat Vectors Based on Attack Types

Furthermore, the shielding of blocked attack statistics showed 594 million web-related attacks, 37 million file-based attacks, 14 million email-based attacks, 5 million behavioral threats, 3 million exploits, 600k scripts, and 500k other types of attacks.

In addition, blocked URLs accounted for 147 million and blocked files contributed to 61 million during the second quarter of 2023.

Among these attack vectors, Desktop-related attack types and Mobile-related malware types were analyzed which yielded further depth to the attacking methodologies of threat actors.

Statistical Analysis

The highest number of ransomware attacks were in Mozambique, Papua New Guinea, Afghanistan, Angola, Ghana, Republic of Korea.

Along with this, the Avast threat report showed most common coin miners were Web miners (various strains), XMRig, FakeKMSminer, VMiner, CoinBitMiner, CoinHelper, and NeoScrypt, which were the most common coin miners.

Information stealer malware saw a 14% decrease in Q2 of 2023. However, the most common info stealer malware were AgentTesla, FormBook, Raccoon Stealer, RedLine, Fareit, Lokibot, and ViperSoftX.

FREE Webinar

API Security Fundamentals: How to Discover, Scan and Protect APIs

API Attacks Have Increased by 400% – Understand the Fundamentals of Protecting Your APIs with a Positive Security Model – Register Now for a Free Webinar

Threat actors targeting desktop devices have been increasing day by day and organizations are taking several precautionary methods to prevent attacks from breaching their security measures. However, Desktop-related threats still remain prevalent.

In the pool of Desktop-related threats, Scams accounted for 51%, Phishing 25.6%, Trojan 3.5 %, Adware 3.8 %, File infectors 2.9 %, and other types of attacks 13.1%.

The scam has seen a surge of 101.9%, followed by Phishing with 6.6%. However, Trojan and File infectors have seen a reduction from the last quarter.

However, Mobile related threats showed dropper malware having a huge surge of 86% in the last quarter. The overall report showed Adware at 73.6% risks, followed by Dropper at 6.1%, Banker malware at 5.8 %, Trojan at 3.9%, and other types of malware at 7.5%.

Avast has released a complete report on the threat report of Q2 of 2023 which showed detailed information on the threats, malware, info stealers, ransomware, and related attack vectors.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.


Latest articles

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these...

SolarWinds Serv-U Vulnerability Let Attackers Access sensitive files

SolarWinds released a security advisory for addressing a Directory Traversal vulnerability which allows a...

Smishing Triad Hackers Attacking Online Banking, E-Commerce AND Payment Systems Customers

Hackers often attack online banking platforms, e-commerce portals, and payment systems for illicit purposes.Resecurity...

Threat Actor Claiming Leak Of 5 Million Ecuador’s Citizen Database

A threat actor has claimed responsibility for leaking the personal data of 5 million...

Ascension Hack Caused By an Employee Who Downloaded a Malicious File

Ascension, a leading healthcare provider, has made significant strides in its investigation and recovery...

AWS Announced Malware Detection Tool For S3 Buckets

Amazon Web Services (AWS) has announced the general availability of Amazon GuardDuty Malware Protection...

Hackers Exploiting MS Office Editor Vulnerability to Deploy Keylogger

Researchers have identified a sophisticated cyberattack orchestrated by the notorious Kimsuky threat group.The...
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles