Latest cybercrime sophistication revealed by HP cybersecurity. The latest global Threat Insights Report, provides analysis of real-world cybersecurity attacks and vulnerabilities. The research shows a significant increase in the frequency and sophistication of cybercrime activity, including a 65% rise in the use of hacking tools downloaded from underground forums and file sharing websites from H2 2020 to H1 2021 .
The researchers noted hacking tools in wide circulation were surprisingly capable. For example, one tool can solve CAPTCHA challenges using computer vision techniques, namely optical character recognition (OCR), in order to perform credential stuffing attacks against websites. More broadly, the report found that cybercrime is more organized than ever, with underground forums providing a perfect platform for threat actors to collaborate and share attack tactics, techniques and procedures.
“The proliferation of pirated hacking tools and undergroundforums are allowing previously low-level actors to pose serious risks to enterprise security,” says Dr. Ian Pratt, Global Head of Security, Personal Systems, HP Inc.
“Simultaneously, users continue to fall prey to simple phishing attacks time and time again. Security solutions that arm IT departments to stay ahead of future threats are key to maximizing business protection and resilience,” further states Dr.Ian Pratt.
Notable threats isolated by HP Wolf Security included:
The findings are based on data from HP Wolf Security, which tracks malware within isolated, micro-virtual machines to understand and capture a full infection chain and help to mitigate threats. By better understanding the behavior of malware in the wild, HP Wolf Security researchers and engineers are able to bolster endpoint security protections and overall system resilience.
“The cybercrime ecosystem continues to develop and transform, with more opportunities for petty cybercriminals to connect with bigger players within organized crime, and download advanced tools that can bypass defenses and breach systems,” observes Alex Holland, Senior Malware Analyst, HP Inc.
Also added, “We’re seeing hackers adapt their techniques to drive greater monetization, selling access on to organized criminal groups so they can launch more sophisticated attacks against organizations. Malware strains like CryptBot previously would have been a danger to users who use their PCs to store cryptocurrency wallets, but now they also pose a threat to businesses. We see info stealers distributing malware operated by organized criminal groups – who tend to favor ransomware to monetize their access.”
Other key findings in the report include:
“Cybercriminals are bypassing detection tools with ease by simply tweaking their techniques. We saw a surge in malware distributed via uncommon file types like JAR files – likely used to reduce the chances of being detected by anti-malware scanners,” comments Holland. “The same old phishing tricks are reeling in victims, with transaction-themed lures convincing users to click on malicious attachments, links and web pages.”
“As cybercrime becomes more organized, and smaller players can easily obtain effective tools and monetize attacks by selling on access, there’s no such thing as a minor breach,” concludes Pratt. “The endpoint continues to be a huge focus for cybercriminals. Their techniques are getting more sophisticated, so it’s more important than ever to have comprehensive and resilient endpoint infrastructure and cyber defense. This means utilizing features likethreat containment to defend against modern attackers,minimizingthe attack surface by eliminating threats from the most common attack vectors – email, browsers, and downloads.”