Tuesday, February 11, 2025
HomeCyber Attack2023 Threat Report - Dramatic Surge in Social Engineering and Web Attacks

2023 Threat Report – Dramatic Surge in Social Engineering and Web Attacks

Published on

SIEM as a Service

Follow Us on Google News

The Second quarter of 2023 has shown a significant increase in the overall cyber-threat risks. The blocking of unique web attacks rose to 24% which accounts for more than 700 million unique blocked attacks each month.

Among these cyber risks, Social engineering and web-related threats have surged drastically, which include scams, Phishing, Adware, Trojans, File Infectors, and other types of risks when compared to other cyber threats.

Threat Vectors Based on Attack Types

Furthermore, the shielding of blocked attack statistics showed 594 million web-related attacks, 37 million file-based attacks, 14 million email-based attacks, 5 million behavioral threats, 3 million exploits, 600k scripts, and 500k other types of attacks.

In addition, blocked URLs accounted for 147 million and blocked files contributed to 61 million during the second quarter of 2023.

Among these attack vectors, Desktop-related attack types and Mobile-related malware types were analyzed which yielded further depth to the attacking methodologies of threat actors.

Statistical Analysis

The highest number of ransomware attacks were in Mozambique, Papua New Guinea, Afghanistan, Angola, Ghana, Republic of Korea.

Along with this, the Avast threat report showed most common coin miners were Web miners (various strains), XMRig, FakeKMSminer, VMiner, CoinBitMiner, CoinHelper, and NeoScrypt, which were the most common coin miners.

Information stealer malware saw a 14% decrease in Q2 of 2023. However, the most common info stealer malware were AgentTesla, FormBook, Raccoon Stealer, RedLine, Fareit, Lokibot, and ViperSoftX.

Document
FREE Webinar

API Security Fundamentals: How to Discover, Scan and Protect APIs

API Attacks Have Increased by 400% – Understand the Fundamentals of Protecting Your APIs with a Positive Security Model – Register Now for a Free Webinar

Threat actors targeting desktop devices have been increasing day by day and organizations are taking several precautionary methods to prevent attacks from breaching their security measures. However, Desktop-related threats still remain prevalent.

In the pool of Desktop-related threats, Scams accounted for 51%, Phishing 25.6%, Trojan 3.5 %, Adware 3.8 %, File infectors 2.9 %, and other types of attacks 13.1%.

The scam has seen a surge of 101.9%, followed by Phishing with 6.6%. However, Trojan and File infectors have seen a reduction from the last quarter.

However, Mobile related threats showed dropper malware having a huge surge of 86% in the last quarter. The overall report showed Adware at 73.6% risks, followed by Dropper at 6.1%, Banker malware at 5.8 %, Trojan at 3.9%, and other types of malware at 7.5%.

Avast has released a complete report on the threat report of Q2 of 2023 which showed detailed information on the threats, malware, info stealers, ransomware, and related attack vectors.

Keep informed about the latest Cyber Security News by following us on GoogleNews, Linkedin, Twitter, and Facebook.

Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Hackers Exploit Valentine’s Day Domains for Sneaky Cyber Attacks

Cybercriminals are capitalizing on the season of love to launch sneaky and deceptive cyberattacks.According...

EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS

Advanced Persistent Threats (APTs) represent a sophisticated and stealthy category of cyberattacks targeting critical...

Enhanced IllusionCAPTCHA: Advanced Protection Against AI-Powered CAPTCHA Attacks

As AI technologies continue to evolve, traditional CAPTCHA systems face increasing vulnerabilities.Recent studies...

Akira Ransomware Dominates January 2025 as the Most Active Ransomware Threat

January 2025 marked a pivotal month in the ransomware landscape, with Akira emerging as...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Hackers Exploit Valentine’s Day Domains for Sneaky Cyber Attacks

Cybercriminals are capitalizing on the season of love to launch sneaky and deceptive cyberattacks.According...

EARLYCROW: Detecting APT Malware Command and Control Activities Over HTTPS

Advanced Persistent Threats (APTs) represent a sophisticated and stealthy category of cyberattacks targeting critical...

Enhanced IllusionCAPTCHA: Advanced Protection Against AI-Powered CAPTCHA Attacks

As AI technologies continue to evolve, traditional CAPTCHA systems face increasing vulnerabilities.Recent studies...