From ESET Research Laboratory, a leading company in proactive threat detecting, analyzed the biggest attacks used in 2018 in Latin America. The company shares the main features, and the reasons why these methods are increasingly used by attackers who receive benefits o resources and information from consumers.
The 5 most useful cyber assaults in 2018:
1. Fishing attacks. Although it was an assault that existed years ago, the recent expansion campaigns showed new features.
Many fishing sites now use safety certificates. According to the Antiphishing Working Group, during the second quarter of 2018, approximately 35% of registered fishing assaults were carried out on websites with a HTTPS protocol, a significant increase compared to almost 5% of cases of false sites with SSL certificates, reported at the end of 2016.
In addition, alternative methods of moving to "traditional" email are used, such as message applications; to reach more potential victims. At the same time, these malicious campaigns also contain features of homogeneous attacks, which add more user difficulties to identify apocryphal websites.
"The recommended safety practices in relation to phishing are still valid, although not enough, due to the new features of such attacks. Now it is not enough to check & # 39; r URL, security lock or use of HTTPS, it would also be useful to check the common name of the site in the security certificates, compared to the main site in question, "said Miguel Angel Mendoza, IT security specialist in Latin America.
This threat was started in August 2017 and has as a principle of challenging the overseas team processing capacity to earn money through cryptocurrency excavation. One of the roads or infected devices is through scripts running in user browsing, it's enough for a user to visit a website that contains the code so that their Processor is used to undermine some cryptocurrency. Cryptography began to be a great activity towards the end of last year, which is the biggest threat of ESET telemetry worldwide between December 2017 and June 2018.
So far in 2018, in the Latin American region, almost half of the JS / CoinMiner solutions (a signature used by ESET solutions) have been concentrated in two countries: Peru (30.72%) and Mexico (17.41). %), and then Ecuador (8.89%), Brazil (7.73%) to Ariannin (7.08%).
Malicious codes continue to be one of the main threats, while they will also be used to make attacks. According to the 2018 ESET Security Report, malware infections are the main cause of security events in Latin American companies.
ESET Daily Research Laboratories receive more than 300,000 unique malware samples, stating that threats of this type are being developed for every practical operating system used today. For example, ESET laboratories indicate, on average, about 300 Android malware samples per month. In addition, it appeared to appear specially designed malware samples to affect Internet devices known as Things; they are being used to make other attacks after being compromised.
During 2018, a number of e-mail scams appeared, focusing on fraudulent users based on the information obtained that was compromised. In many of these campaigns, there was a specific fact, which made the user believe that it could not be fake.
An example is the campaign where the password of the users was the subject of the message, in an attempt to show that they had their personal data and that the correct correction they specified in the text message was genuine. It is estimated that this specific campaign has managed to raise almost half a million dollars. Another example of this type of scams that the particular person had the email came to the user from his own account, which meant that the attacker had access to the potential victim's account.
5. Exploitation of vulnerability
Towards the end of 2017, ESET said that this year is with the highest number of reported weaknesses (14,714), much more than the previous years' records, to date, to date, in 2018, & # 39; This figure has exceeded this figure. According to CVE Details, despite the fact that the year has not yet reached the conclusion, more than 15,300 weaknesses have already registered.
In this context, exploiting some weaknesses is also increasing. To give an example, the discovery of EternalBlue, an audit used during the WannaCry spread, has increased. If these analyzes are compared in May 2017 with some July 2018 (most activity period), there has been an increase of almost 600%, where different families of ramsomware and other malware are trying to take advantage on the vulnerability in the ancient systems.
"It's important to highlight the way in which computer threats evolve and the various attacks that try to compromise assets, so that, in terms of security, the use of defense technology, apply good practice and the use of technology is essential, a constant task of finding out what is happening in cyber-installation. "Mendoza ended.