Avast Blocks Record Breaking 10 Billion Attacks in 2023, Nearly a 50% Increase from Previous Year
- None.
- The surge in cyber threats and attacks indicates the growing sophistication of cybercriminals, posing a significant challenge to digital security and privacy. The use of new techniques like exploiting Google to steal information and the adaptation of advanced methods like deepfake videos for scams highlight the evolving nature of cyber threats, making it increasingly difficult to distinguish between real and fabricated content.
Insights
The significant increase in cyber threats, as reported by Avast with a 49% year-over-year surge, indicates a growing challenge for businesses in maintaining digital security. The transition from social engineering to exploiting digital mediums like PDF files and deepfakes represents an evolution in cybercriminal tactics. This shift necessitates a reassessment of cybersecurity strategies, as traditional defenses may be less effective against these sophisticated methods.
Businesses must now consider the implications of such threats on their operations and reputation. The rise in PDF-based attacks, for example, could lead to increased scrutiny of document management and email security protocols. Companies should also be aware of the potential for deepfake technology to compromise trust in digital communications, which could have far-reaching effects on customer relations and brand integrity.
The exploitation of Google OAuth endpoints for stealing authentication cookies raises significant data privacy concerns. The ability for threat actors to access login information and sensitive data could lead to breaches of personal and corporate data, with substantial legal and financial repercussions. This highlights the importance of robust privacy measures and the need for continuous monitoring and updating of access management systems.
Organizations must ensure compliance with data protection regulations such as GDPR and CCPA, as failure to protect user data can result in hefty fines and loss of consumer trust. Furthermore, the use of authentication cookies by attackers underscores the need for multi-factor authentication and advanced monitoring to detect unusual access patterns.
The report by Avast indicates a heightened level of risk for IT infrastructure, with the adoption of malware-as-a-service stealers such as Lumma. This trend suggests that cybercriminals are not only becoming more sophisticated but are also leveraging economies of scale, which can lead to an increase in the frequency and severity of attacks.
Organizations must evaluate their risk management strategies and consider investments in advanced threat detection and response capabilities. It is crucial to adopt a proactive approach to IT security, integrating regular security assessments and employee education on the latest threats. The cost of such investments should be weighed against the potential damages of a cyber incident, including operational disruption, data loss and reputational damage.
Malicious push notifications, PDF deception, cookie exploiting information stealers and more in Q4 2023
"In the past three months, we have seen cybercriminals move from relying only on social engineering to further exploiting trusted digital mediums, be it highly believable deepfake video scams or threats spreading through PDF files," explains Jakub Křoustek, Malware Research Director for Avast. "This trend not only reflects the ever-changing methods of cybercriminals but also highlights the vulnerabilities inherent in our everyday digital life. Now more than ever, people need to verify what they encounter online and utilize tools to help stay safe."
Careful What You Open: PDF File Deception
In the last quarter of 2023, Avast blocked more than 10 million PDF-based attacks, protecting more than 4 million users worldwide. Threat actors turned their attention to PDF files in the final months of the year, weaving a complex web of attacks. Avast researchers observed a spectrum of PDF-related threats and scams, ranging from simple lottery and dating scams, to documents containing deceptive information such as phishing links directing people to pages mimicking well-known brands like Netflix or Amazon. Researchers also saw an uptick in complex campaigns delivering more sophisticated threats like password stealers such as AgentTesla.
The proliferation of PDF-based cyber threats underscores a significant shift in the tactics of cybercriminals. PDF files are popular due to their platform-agnostic nature, which allows them to be seamlessly opened from any device, making them the ultimate delivery payload. Furthermore, PDF attachments are often allowed by default by spam gateways, adding another layer of vulnerability.
Scams Get More Aggressive, From Push Notifications to Deepfakes
Web threats continued to dominate, with scams, phishing, and malvertising ranking as the top threat types overall. The use of malicious browser push notifications escalated, becoming a preferred tool for scammers across various domains, from adult content sites to technical support scams.
Beyond the methods of delivery for scams, AI continues to help criminals create more believable scams. Deepfake videos, especially those endorsing investment scams, displayed a heightened level of sophistication in the final quarter of the year, challenging the ability to distinguish between real and fabricated content.
Information Stealers Exploit Cookies
The final quarter of 2023 also brought a new and interesting stealing capability which was rapidly adapted by information stealers: abusing the Google OAuth endpoint, which is used for synchronizing accounts across Google services, for recovering authentication cookies. This type of cookie can store a unique identifier that verifies a user's identity and permissions when accessing websites. With authentication cookies, threat actors are able to gain access to login information and other sensitive data. One of the first info-stealers to adapt this technique was Lumma, a rapidly rising malware-as-a-service stealer, with others quickly following.
For more information and to read the full Avast Q4/2023 threat report, visit https://decoded.avast.io/threatresearch/avast-q4-2023-threat-report
About Avast
Avast is a leader in digital security and privacy, and part of Gen™ (NASDAQ: GEN), a global company dedicated to powering Digital Freedom with a family of trusted consumer brands. Avast protects hundreds of millions of users from online threats, for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Avast is a member of the Coalition Against Stalkerware, No More Ransom and Internet Watch Foundation. Learn more at Avast.com. Visit: www.avast.com.
Brittany Posey-Thomas | Courtney Rowles |
Gen | Edelman for Gen |
View original content to download multimedia:https://www.prnewswire.com/news-releases/avast-blocks-record-breaking-10-billion-attacks-in-2023-nearly-a-50-increase-from-previous-year-302056082.html
SOURCE Gen Digital Inc.
FAQ
How many attacks did Avast block in 2023?
What are the top threat types according to the Avast Threat Report?
What new techniques of exploiting Google to steal information were observed in the report?
What is the significance of the surge in PDF-based cyber threats?
What type of videos displayed a heightened level of sophistication in the final quarter of 2023?
