STOCK TITAN

Deepfakes, AI-Manipulated Audio, and Hijacked Social Media Surge in 2024

Rhea-AI Impact
(Neutral)
Rhea-AI Sentiment
(Negative)
Tags
AI
Rhea-AI Summary

Avast, a brand of Gen™ (NASDAQ: GEN), reports that social engineering threats constitute nearly 90% of all cyberthreats in 2024. These include scams, phishing, and malvertising, which have heavily impacted both mobile and desktop users. YouTube has emerged as a significant channel for cybercriminals, protecting over 4 million unique users in 2023 and 500,000 in early 2024. Sophisticated tactics like deepfake technology and AI-manipulated audio are increasingly used. Additionally, Malware-as-a-Service (MaaS) is on the rise, with information stealers like DarkGate and Lumma Stealer exploiting platforms like Microsoft Teams and YouTube. Market conditions indicate an elevated risk for cyberattacks, emphasizing human vulnerability in digital safety.

Positive
  • Avast protected over 4 million unique users from YouTube threats in 2023.
  • The company detected and defended against 500,000 unique threats in early 2024.
  • Increased adoption of advanced AI technology to identify and mitigate cyber threats.
  • Introduction of comprehensive threat reports helps in better understanding and safeguarding against cyberthreats.
Negative
  • Social engineering threats account for nearly 90% of all cyberthreats in 2024.
  • YouTube has become a significant channel for deploying phishing and malware.
  • A significant rise in sophisticated scams utilizing deepfake technology and AI-manipulated audio.
  • Increasing prevalence of Malware-as-a-Service (MaaS), further exploiting social engineering tactics.
  • Humans identified as the weakest link in digital safety, indicating persistent vulnerabilities.

Insights

The Avast Threat Report highlights a growing concern in the cybersecurity landscape: the increasing reliance on human manipulation for executing cyberattacks. The use of deepfake technology and AI-manipulated audio in scams represents a significant shift towards more sophisticated and harder-to-detect social engineering tactics. By exploiting platforms like YouTube, cybercriminals can bypass traditional security measures and directly target a large, unsuspecting audience.

From a cybersecurity perspective, this trend underscores the importance of developing advanced detection technologies that can differentiate between legitimate and fraudulent content. Moreover, the rise of Malware-as-a-Service (MaaS) is indicative of a more organized and scalable approach to cybercrime, making it easier for less skilled individuals to participate in malicious activities.

For investors, this report signals a strong growth opportunity for companies specializing in AI-driven security solutions and educational initiatives focused on reducing human susceptibility to social engineering. However, the evolving threat landscape also means that existing cybersecurity measures may quickly become outdated, necessitating continuous innovation and investment.

The alarming increase in sophisticated cyberthreats highlighted in Avast's latest report is likely to drive demand for advanced cybersecurity solutions. Companies like Gen™, the parent company of Avast, are well-positioned to benefit from heightened awareness and the pressing need for reliable security software. The focus on human manipulation suggests that traditional security measures are insufficient, amplifying the need for more robust and AI-powered defense mechanisms.

For retail investors, this trend presents an opportunity to invest in cybersecurity firms that are at the forefront of technological innovation. The rise of Malware-as-a-Service (MaaS) also points to a growing market for companies that can offer comprehensive, easy-to-deploy security solutions for businesses of all sizes. However, investors should be mindful of the competitive landscape, as the rapid evolution of threats demands constant adaptation and improvement of existing technologies.

Overall, the cybersecurity sector is likely to experience significant growth, driven by the increasing sophistication of threats and the necessity for advanced solutions. Investors should consider the potential for long-term returns in companies that are pioneering next-generation cybersecurity technologies and services.

Avast Threat Report shows nearly 90% of cyberthreats currently rely on human manipulation

TEMPE, Ariz. and PRAGUE, May 14, 2024 /PRNewswire/ -- Avast, a leader in digital security and privacy and brand of Gen™ (NASDAQ: GEN), has reported that social engineering threats – those which rely on human manipulation – account for most cyberthreats faced by individuals in 2024. According to the latest quarterly Avast Threat Report, which looks at the threat landscape from January-March 2024, scams, phishing and malvertising accounted for 90% of all threats on mobile devices and 87% of threats on desktop. Moreover, the threat research team discovered a significant spike in scams leveraging sophisticated tactics such as using deepfake technology, AI-manipulated audio synchronization, and hijacking of YouTube and other social channels to disseminate fraudulent content.

YouTube: A Potent Gateway for Criminals

While all social media is a natural breeding ground for scams, YouTube has become a significant channel for crime. According to telemetry from Avast, 4 million unique users were protected against threats on YouTube in 2023, and approximately 500,000 were protected in January-March 2024.

Automated advertising systems combined with user-generated content provides a gateway for cybercriminals to bypass conventional security measures, making YouTube a potent channel for deploying phishing and malware. Notable threats on the platform include credential stealers like Lumma and Redline, phishing and scam landing pages, and malicious software disguised as legitimate software or updates.

Scammers have also turned heavily to videos as lures. Whether from stock footage or an elaborate deepfake, scammers are using all video varieties in their threats. One of the most widespread techniques involves exploiting famous individuals and significant media events to attract large audiences. These campaigns often use deep fake videos, created by hijacking official videos from events and using AI to manipulate audio synchronization. These videos seamlessly blend altered audio with existing visuals, making it harder for the untrained eye to tell they're anything but authentic.

Additionally, YouTube serves as a conduit to Traffic Distribution Systems (TDS), directing people to malicious sites and supporting scams ranging from fake giveaways to investment schemes.

Some of the most common tactics through which YouTube is exploited for scams include:

  1. Phishing Campaigns Targeting Creators: Attackers send personalized emails to YouTube creators proposing fraudulent collaboration opportunities. Once trust is established, they send links to malware under the guise of software needed for collaboration, often leading to cookie theft or account compromise.
  2. Compromised Video Descriptions: Attackers upload videos with descriptions containing malicious links, masquerading as legitimate software downloads related to gaming, productivity tools, or even antivirus programs, tricking users into downloading malware.
  3. Channel Hijacking for Scams: By gaining control of YouTube channels through phishing or malware, attackers repurpose these channels to promote scams – such as cryptocurrency scams – often involving fake giveaways that require an initial deposit from viewers.
  4. Exploitation of Software Brands and Legitimate-Looking Domains: Attackers create websites that mimic reputable companies that people trust and offer illegitimate downloadable software.
  5. Social Engineering via Video Content: Attackers post tutorial videos or offers for cracked software, guiding people to download malware disguised as helpful tools. This tactic takes advantage of people seeking free access to otherwise paid services or software, leveraging YouTube's search and recommendation algorithms to target potential victims.

The Growing Business of Malware-as-a-Service (MaaS)

With scams surging, cybercriminals are capitalizing on a new business opportunity: Malware-as-a-Service (MaaS). Through this model, organized crime groups are able to recruit smaller-scale criminals who want to make quick money by distributing malware on behalf of the group. These criminals can purchase malware, subscribe to it or share profits in a commission-style partnership.

The most common malware utilized in MaaS are information stealers, which are continuing to find new distribution channels. For example, DarkGate was observed to be spread via Microsoft Teams, using phishing. Lumma Stealer, another MaaS information stealer, continues to spread via cracked software propagated on YouTube, using fake tutorials to mislead victims. This further emphasizes that such strains – and their creators – never miss an opportunity to leverage social engineering to distribute malware.

"In the first quarter of 2024, we reported the highest ever cyber risk ratio – meaning the highest probability of any individual being the target of a cyberattack," said Jakub Kroustek, Malware Research Director at Gen. "Unfortunately, humans are the weakest link in the digital safety chain, and cybercriminals know it. They pray on human emotions and the quest for knowledge to infiltrate people's lives and devices for financial gain."

For more information and to read the full Avast Q1/2024 threat report, visit https://decoded.avast.io/threatresearch/avast-q1-2024-threat-report/ 

About Avast

Avast is a leader in digital security and privacy, and part of Gen™ (NASDAQ: GEN), a global company dedicated to powering Digital Freedom with a family of trusted consumer brands. Avast protects hundreds of millions of users from online threats, for Mobile, PC or Mac are top-ranked and certified by VB100, AV-Comparatives, AV-Test, SE Labs and others. Avast is a member of the Coalition Against Stalkerware, No More Ransom and Internet Watch Foundation. Learn more at Avast.com. Visit: www.avast.com.

Brittany Posey-Thomas

Courtney Rowles

Gen

Edelman for Gen

Press@GenDigital.com

Courtney.Rowles@edelman.com

 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/deepfakes-ai-manipulated-audio-and-hijacked-social-media-surge-in-2024-302144256.html

SOURCE Gen Digital Inc.

FAQ

What percentage of cyberthreats in 2024 are due to social engineering?

Nearly 90% of cyberthreats in 2024 rely on social engineering.

How many unique users did Avast protect from YouTube threats in 2023?

Avast protected over 4 million unique users from YouTube threats in 2023.

What is the stock symbol for Gen, the parent brand of Avast?

The stock symbol for Gen is NASDAQ: GEN.

What new tactics are cybercriminals using in scams according to Avast's report?

Cybercriminals are using deepfake technology and AI-manipulated audio in scams.

What is Malware-as-a-Service (MaaS) and how is it impacting cyberthreats?

MaaS allows organized crime groups to recruit smaller criminals to distribute malware, increasing the spread of information stealers like DarkGate and Lumma Stealer.

Which platforms are being exploited by information stealers like DarkGate and Lumma Stealer?

Information stealers like DarkGate and Lumma Stealer are exploiting platforms such as Microsoft Teams and YouTube.

Gen Digital Inc.

NASDAQ:GEN

GEN Rankings

GEN Latest News

GEN Stock Data

17.98B
559.19M
9.25%
86.59%
2.37%
Software - Infrastructure
Services-prepackaged Software
Link
United States of America
TEMPE