TORONTO, ON–After months of abusing the COVID-19 theme in their campaigns, cybercriminals appear to have returned to their usual tactics in the third quarter of 2020. And according to ESET’s just released Q3 2020 Threat Report an area where the risks remain particularly high is remote work.
ESET telemetry showed further growth in attacks targeting Remote Desktop Protocol (RDP), which grew throughout the first half of 2020. While the number of unique clients targeted rose by more than a third, the total number of attack attempts surged by 140 percent.
The report and its findings were exclusively presented during the “ESET European Cyber Security Day – Towards a Secure Post-COVID Future” virtual event.
“The continued rise in RDP attacks may be a result of the growing number of poorly secured systems being connected to the Internet during the pandemic, or possibly other criminals taking inspiration from ransomware gangs in targeting RDP,” said Jiří Kropáč, head of threat detection labs at ESET.
Other key trends observed were the revival of cryptominers, Emotet returning to the scene after months of inactivity, and Android banking malware surging following the source code release of the notorious mobile banking trojan Cerberus.
The ESET Q3 2020 Threat Report also reviewed the most important findings and achievements by ESET researchers. These included:
- Uncovered more Wi‑Fi chips vulnerable to KrØØk-like bugs;
- Exposed Mac malware bundled with a cryptocurrency trading application;
- Discovered CDRThief targeting Linux VoIP softswitches; and
- Delved into KryptoCibule, a triple threat in regard to cryptocurrencies.
The exclusive research presented in the Q3 2020 Threat Report includes campaigns leveraging malicious MAXScripts, the spread of Latin American banking trojans to Europe, new activity of the TA410 threat group, and a look into the updated arsenal of the Gamaredon Group.