HP Inc’s “Threat Insights Report” Identifies 34 Percent of Captured Malware as Previously Unknown

HP Inc released its latest global “Threat Insights Report,” which provides analysis of common cybersecurity attacks and vulnerabilities. Research indicated “significant” increases in the frequency and sophistication of cybercrime activity, with about 34 percent of the malware identified as “previously unknown.” Additionally, HP logged a 65 percent rise in the use of hacking tools downloaded from underground forums and file-sharing websites.

Other statistics of note: 75 percent of malware was email based, threats downloaded by web browser grew 24 percent, and fake invoices and business transactions accounted for 49 percent of lures. The most common malicious attachments were archive files (29 percent), spreadsheets (23 percent), documents (19 percent) and executable files (19 percent).

Common, widely circulated hacking tools included ones that can solve CAPTCHA using “computer vision techniques” such as optical character recognition, in order to perform credential-stuffing attacks.

Other notable threats included:

  • Dridex affiliates selling credentials to threat actors for distribution as malware.
  • The use of CryptBot malware, which siphons credentials from cryptocurrency wallets and web browsers, to deliver the DanaBot banking trojan.
  • Visual Basic Script downloader campaigns sharing malicious .ZIP attachments named after the executives they target.
  • Malicious spam campaigns, exploiting a Microsoft Office vulnerability, against shipping, maritime, logistics and related companies in the U.S., U.K., Japan and other countries.

Findings are based on research compiled by HP Wolf Security from H2 2020 through H1 2021.