A new report from BlackBerry reveals that threat actors are launching an attack about once every minute, with the resurgence of the Emotet botnet, phishing attacks and infostealers dominating the attack landscape.
The Ontario-based intelligent security software and services provider’s first Global Intelligence Report on the fourth quarter of 2022 find that the company’s AI-driven prevention-first technology stopped more than 1.75 million malware-based attacks.
According to BlackBerry, the most common tools used in attacks include the Emotet botnet, the Qakbot phishing threat and an increase in infostealers such as GuLoader.
Other highlights from the report include threats targeting macOS systems. Despite the prevailing opinion, BlackBerry says macOS is not a safer platform due to it being used less among enterprise systems. That opinion could be giving IT managers a false sense of security, the company says.
According to Blackberry, the most malicious application on macOS was Dock2Master, which collects users’ data from its own surreptitious ads. More than a third of BlackBerry’s client organizations using macOS had Dock2Master on their network, the report finds.
In addition, BlackBerry’s report explores the increasing number of attacks against Linux platforms and how less mainstream programming languages such as GoLang are being used to develop cross-platform malware.
The report also found that RedLine, an infostealer capable of stealing credentials from browsers, crypto wallets, FTP and VPN software, and other targets was the most active and widespread infostealer last quarter. RedLine preys upon technology used to support remote and hybrid employees, and threat actors are using RedLine to steal credentials to sell to other threat actors for initial access.
For 2023, the company expects these trends to continue, but also says ransomware and other attacks will continue to target medical organizations and critical infrastructure. In addition, attacks against Linux systems and cloud infrastructure will increase as threat actors look to install backdoors on target systems and gain visibility into organizations for further activities.
Ismael Valenzuela, vice President of threat research and intelligence at BlackBerry, says threat reports can help provide insight into overall trends and help organizations make informed decisions about their security.
“Our public and private reports are written by our top threat researchers and intelligence analysts, world-class experts that not only understand the technical threats but also the global and local geopolitical situation, and how it affects organizational threat models in each region,” Valenzuela says. “This expertise allows us to provide actionable and contextualized threat intelligence to increase cyber resilience and to enable mission and business objectives.”
