Threat Report
This week, Multi-Vendor's eBook 'Threat Report' illuminates the critical role of ESET XDR in crafting a proactive defense against sophisticated threats. Gain an understanding of diverse and evolving challenges such as GoldDigger malware targeting financial transactions, persistent Ebury botnet activity compromising Linux servers, and infostealers disguised as AI tools. Statistics from ESET telemetry show how widely malware has spread across platforms, with over 20,000 websites affected by JS/Agent family malware alone. The eBook also provides expert insights into coming seismic shifts in the ransomware landscape and into the tactics cybercriminals use, including phishing, exploitation of software vulnerabilities, and much more. The report is not just an alarm but a guidepost for IT professionals looking to secure their infrastructure proactively.
GoldPickaxe is a new mobile malware that targets Android and iOS devices, primarily in Southeast Asia. It steals facial recognition data to create deepfake videos, which are then used to authenticate fraudulent financial transactions. This malware is distributed through websites that impersonate official app stores, and it has been linked to a Chinese-speaking cybercrime group known as GoldFactory.
How has Ebury evolved over the years?
Ebury is a long-standing botnet that has been active since 2009, compromising nearly 400,000 Linux servers. Initially used for web redirections and spamming, it has evolved to include functionalities that intercept HTTP POST requests to steal financial details from transactional websites. Despite past law enforcement actions, Ebury continues to operate and adapt, demonstrating resilience in the face of ongoing cybersecurity efforts.
What are the current trends in Android financial threats?
In the first half of 2024, Android financial threats, which include banking malware and cryptostealers, have shown a modest decrease of 3.8% compared to the previous year. However, these threats remain prevalent, particularly in regions like Türkiye, Latin America, and Southeast Asia, where rapid digital transformation has made users more vulnerable to cybercrime. The tactics employed by these threats are continuously evolving to evade detection and exploit new vulnerabilities.