ESET Threat Report details how war in Ukraine has changed the threat landscape
Roman Kováč, Chief Research Officer at ESET
ESET has released its T1 2022 Threat Report, summarising key statistics from ESET detection systems and highlighting notable examples of ESET’s cybersecurity research.
The latest issue of the ESET Threat Report recounts the various cyberattacks connected to the ongoing war in Ukraine that ESET researchers analysed or helped to mitigate. These include the resurrection of the infamous Industroyer malware, which attempted to target high-voltage electrical substations.
ESET telemetry also recorded other changes in the cyberthreat realm that might have a connection to the situation in Ukraine. The war has also been noticeably exploited by spam and phishing threats. After the invasion on February 24, ESET telemetry detected a large spike in spam detections, as scammers started to take advantage of people trying to support Ukraine, using fictitious charities and fundraisers as lures.
The ESET T1 2022 Threat Report reviews the most important research findings, with ESET Research uncovering: the abuse of kernel driver vulnerabilities; high-impact UEFI vulnerabilities; cryptocurrency malware targeting Android and iOS devices; a yet-unattributed campaign deploying the DazzleSpy macOS malware; and the campaigns of Mustang Panda, Donot Team, Winnti Group, and the TA410 APT group.
The report also contains an overview of the numerous talks given by ESET researchers in T1 2022, and introduces talks from the RSA and REcon conferences in June 2022, showcasing ESET Research’s discovery of Wslink and ESPecter. These appearances will be followed by a talk at the Virus Bulletin Conference in September 2022.