ESET Resource Center

ESET Threat Report H1 2023

July 2023

The latest ESET Threat Report brings changes aimed at making its content more engaging and accessible. One notable modification is our new approach to data presentation: rather than detailing all of the data changes within each detection category, we intend to provide more in-depth analyses of selected, notable developments. Another notable update is the change in publication frequency, transitioning from a triannual to a semiannual release schedule.
In this issue, we focus on the highlights of H1 2023, covering the period from December 2022 to May 2023. When comparing this period to H2 2022, we refer to the timeframe from June 2022 to November 2022.
 
In H1 2023, we observed trends highlighting cybercriminals’ remarkable adaptability and relentless pursuit of new avenues to achieve their nefarious goals – be it through exploiting vulnerabilities, gaining unauthorized access, compromising sensitive information, or defrauding individuals. One of the reasons for these shifts in attack patterns is the stricter security policies introduced by Microsoft, particularly on opening macro-enabled files.
 
Our telemetry data also suggest that operators of the once-notorious Emotet botnet have struggled to adapt to the shrinking attack surface, possibly indicating that a different group acquired the botnet. In the ransomware arena, actors increasingly reused previously leaked source code to build new ransomware variants. While this allows amateurs to engage in ransomware activities, it also enables defenders like us to cover a broader range of variants, including newly emerging ones, with a more generic set of rules and detections.
 
Although cryptocurrency threats have been steadily declining in our telemetry, cryptocurrency-related cybercriminal activities continue to persist, with cryptomining and cryptostealing capabilities increasingly incorporated into more versatile malware strains. This evolution follows a pattern observed in the past when malware, such as keyloggers, was initially identified as a separate threat, but eventually became a common capability of many malware families.
 
Looking at other threats focused on financial gain, we observed a comeback of so-called sextortion scam emails, exploiting people’s fears related to their online activities, and an alarming growth of deceptive Android loan apps masquerading as legitimate personal loan services.
 
Download the report and learn a lot more!
