Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Megacart threat. Show all posts

The MOVEit Breach Might be the Biggest Cyberattack in 2023


Despite the series of malicious cyber attacks witnessed in 2023, with a number of new trends and tactics in the campaigns, one of the breaches that stood out was the breach of the file transfer service MOVEit.

In a new report published by ESET, it was revealed that in addition to its extensive effects, the MOVEit hack was significant since its perpetrators, Cl0p, did not use any ransomware.

Additionally, the campaign leaked the stolen data from victim organizations on a public website—another example of a novel tactic used by cybercriminals. The infamous ALPHV/BlackCat ransomware gang, who were also active this year, were also seen adopting this strategy. 

Emerging Trends

ESET, in its report, notes that because of the scale at which the MOVEit hack transpired, it was probably too much effort for Cl0p to encrypt each victim it captured. ESET cites data from Emsisoft, which projects that there will be more than 2,600 impacted organizations after six months. 

These victims ranged from government agencies, schools and healthcare, to major organizations like Sony and PricewaterhouseCoopers (PwC).

Another emerging tactic adopted by cybercriminals was using AI tools in their attack campaigns, taking into account the boom in technology in 2023 and the wake of ChatGPT’s public release in November 2022. 

Several campaigns have utilized AI tools like ChatGPT and spoofing domains that sound similar to ChatGPT. These domains include web applications that compromise user privacy by using the OpenAI API keys unsafely.

The Lumma hacker, who was extremely successful at stealing cryptocurrency wallets, was another phenomenon of the year. It alone accounted for 80% of detections in this industry and caused a 68% increase in crypto theft this year. In addition, the Lumma malware has been collecting login credentials and other data; between H1 and H2 2023, the total number of Lumma detections tripled. 

Moreover, the infamous Megacart threat, which has been a concern to retailers since 2015, still remains persistent and has developed into a stronger threat this year. It inserts code into insecure websites in order to collect user data, including credit card numbers. There was a 343% increase in detections between 2021 and 2023. 

Jiří Kropáč, Director of Threat Detection at ESET, concludes that "these developments show an ever-evolving cybersecurity landscape, with threat actors using a wide range of tactics." With the emergence of AI technology and evolving tactics of threat actors in 2023, it is anticipated that the situation is only going to worsen in the coming years, making it more important for organizations to take better safety measures to protect their systems from future cyberattacks.