Ransomware, Scams Taking Advantage of Pandemic New Habits, and Fleeceware Among the Top Threats of 2021
Avast (LSE:AVST) reported a surge in cyber threats during 2021, particularly due to the ongoing influence of the Covid-19 pandemic. Ransomware attacks targeting consumers increased by 38%, while businesses faced a 32% rise in ransomware risks. Notable scams included sextortion and tech support fraud, with over 500,000 sextortion attempts blocked. Malware focused on cryptocurrency, such as Crackonosh and BluStealer, contributed to significant losses. Mobile threats, especially adware, also escalated, affecting user data globally. Avast aims to enhance public awareness of these cyber risks as we move into 2022.
- Increased awareness of cyber threats may drive demand for Avast's security products.
- Avast's advanced threat detection network strengthens its market position.
- Ransomware attacks targeting consumers rose by 38%, indicating a growing threat landscape.
- Businesses experienced a 32% increase in ransomware risks, potentially affecting their operational stability.
- Escalating sextortion and tech support scams highlight vulnerabilities in user security.
- Malware focused on cryptocurrencies resulted in substantial financial losses for users.
PRAGUE, Nov. 30, 2021 /PRNewswire/ -- Avast (LSE:AVST), a global leader in digital security and privacy, looks back at the prevalent cyberthreats of 2021. Cybercriminals continued to take advantage of the Covid-19 pandemic, exploiting people's habits formed during lockdown to spread scams. Ransomware and cryptocurrency malware and scams continued to prevail, and on the mobile side, adware and fleeceware were among the top threats.
"The pandemic has changed nearly every aspect of everyone's lives, and that includes the cyberworld too," said Michal Salat, director of threat intelligence at Avast. "Attackers' methods are becoming more sophisticated. Cybercriminals are using techniques that make them harder to spot and carrying out more personalised cyber attacks. They are also adding new spins on tried and tested techniques, especially in social engineering type of attacks like scams."
Businesses and consumers heavily targeted by Ransomware attacks
Ransomware attacks persisted in 2021, with businesses like Kia Motors, Acer, Colonial Pipeline Company, and Managed Service Provider, Kaseya, being infected. Avast observed a
Businesses globally also experienced an increased number of attacks during the past 5 months of the year (June-October). The chances for them being targeted by ransomware grew by
Sextortion, Parcel Delivery and Tech Support scams
Cybercriminals persisted to use the pandemic to their advantage, spreading scams and phishing attacks to exploit people's new habits, like online communications and shopping.
Earlier this year, Avast researchers saw a flood in sextortion scams with over 500,000 sextortion scams blocked. This campaign takes advantage of the increased use of video conferencing services during the Covid-19 pandemic, falsely claiming to have accessed a user's device and camera. Users in several countries have also been receiving SMS messages linking to a banking Trojan called "FluBot", which impersonates parcel delivery companies in order to steal credentials and other personal data, and being targeted by tech support scams. These trick victims into believing their computer has been infected by malware and that their only recourse is to call a phone hotline for technical support, which in reality is unnecessary.
In general, phishing attacks continued to increase during 2021. The chances of businesses encountering phishing scams has increased by
Cryptocurrency-focused scams and malware
This year, our Threat Labs team identified a wide variety of new threats aimed at profiting from or mining cryptocurrencies at users' expenses. Some of the main ones that impacted many countries around the world were Crackonosh, and BluStealer. The former was included in cracked versions of major games, and is a cryptocurrency mining malware. The latter, BluStealer is a keylogger, document uploader and cryptocurrency thief in a single malware that, like FluBot, took advantage of people ordering online during the pandemic and spread through a malicious spam campaign (malspam).
In addition to Crackonosh and BlueStealer, Avast researchers also found cryptocurrency-stealing malware that was distributed through HackBoss, a Telegram channel which, at the time of discovery, had stolen over
Mobile threats continued to spread and diversify with lockdown restrictions
Adware still is the most significant threat on Android phones and tablets in the world. Globally,
Fleeceware apps also proved to be a serious concern to users in 2021. Avast discovered more than 200 new fleeceware applications on the Apple App Store and the Google PlayStore. These apps promised free trials but ended up extracting hundreds of dollars from their users through subscription services. Most recently, Avast discovered fraudulent sites masquerading as national postal services from various countries in Europe, including retail shops from the Czech Republic, Russia, Sweden and the Ukraine.
Risks to users were not only originated by bad actors in 2021. Early September, Avast researchers found more than 19,300 Android apps that potentially exposed user data due to an incorrect configuration of the Firebase database - an Android tool that developers can use with the purpose of storing user data. This affected a wide range of different apps, including lifestyle, fitness, gaming, food delivery and mailing apps in regions around the world and exposed Personally Identifiable Information (PII) such as names, addresses, location data and, in some cases, even passwords.
Looking back
"Cybercriminals kept up many of their tricks this year, using social engineering to spread malware to get their hands on people's money, abusing technology such as stalkerware to violate people's privacy or deceiving vulnerable audiences into paying for fleeceware apps or unneeded tech support," concludes Michal Salat. "We are seeing increasing online harms that affect how people experience the digital world. Everyone is being targeted, from everyday users to hospitals and oil pipelines to food companies globally. We hope by raising awareness around what we observed this year, we can help prevent people from falling victim in 2022."
About Avast:
Avast (LSE:AVST), a FTSE 100 company, is a global leader in digital security and privacy, headquartered in Prague, Czech Republic. With over 435 million users online, Avast offers products under the Avast and AVG brands that protect people from threats on the internet and the evolving IoT threat landscape. The company's threat detection network is among the most advanced in the world, using machine learning and artificial intelligence technologies to detect and stop threats in real time. Avast digital security products for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Avast is a member of Coalition Against Stalkerware, No More Ransom, and the Internet Watch Foundation. Visit: www.avast.com.
Keep in touch with Avast:
- For security and privacy insights, visit the Avast blog: https://blog.avast.com/
- For handy guides, advice and tips, visit Avast Academy: https://www.avast.com/c-academy
- For more information about Avast visit: https://www.avast.com/en-gb/about and https://www.avast.com/company-faqs
- Follow us on Twitter: @Avast
- Join our LinkedIn community: https://www.linkedin.com/avast
- Visit our Facebook group: www.facebook.com/avast
Media Contact:
pr@avast.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/ransomware-scams-taking-advantage-of-pandemic-new-habits-and-fleeceware-among-the-top-threats-of-2021-301433839.html
SOURCE Avast Software, Inc.
FAQ
What is Avast's recent report on cyber threats?
How much did ransomware attacks increase for consumers according to Avast?
What types of scams did Avast identify in their report?
What is the significance of Avast's threats report for investors in AVTTY?