
Researchers at Accenture’s Cyber Threat Intelligence team have written a report documenting a surge in the popularity of information stealing (infostealer) malware on the dark web.

The spike in infostealer popularity is not only down to the malware's ability to harvest usernames and passwords from infected devices; it is also because the malware harvests browser cookies, and a stolen session cookie can let a threat actor resume an already-authenticated session and so bypass multi-factor authentication (MFA). The rise is also due to the popularity of compromised-credential marketplaces, where threat actors buy and sell stolen credentials. The researchers noted an increase in the number of credentials for sale between July and October 2022, with one of the most popular sites seeing a 40% increase in sales in that time – jumping from 3.3 million to 4.5 million logs available for sale.
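One server-side response to the cookie-replay risk described above is to bind a session cookie to the client context it was issued in and revoke it as soon as that context changes, forcing a fresh MFA login. The following is an added example, not code from the Accenture report or this site; the IPv4 /24 binding, the exact user-agent match and the sample traffic are constructed assumptions.

```python
# Added example (not from the Accenture report): bind a session cookie to the
# client context it was issued in and revoke it when that context changes.
# IPv4 /24 binding and exact user-agent match are illustrative assumptions.
import ipaddress

ABSOLUTE_LIFETIME_S = 8 * 3600  # hard cap on how long a stolen cookie stays usable

class SessionStore:
    def __init__(self):
        self.sessions = {}   # token -> dict(user, issued_at, ua, net, revoked)
        self.alerts = []     # messages a SOC would route to its SIEM

    def issue(self, token, user, ua, ip, now):
        net = ipaddress.ip_network(f"{ip}/24", strict=False)
        self.sessions[token] = dict(user=user, issued_at=now, ua=ua, net=net, revoked=False)

    def check(self, token, ua, ip, now):
        """True if the cookie may be honoured; False means re-authenticate with MFA."""
        s = self.sessions.get(token)
        if s is None or s["revoked"]:
            return False
        reasons = []
        if now - s["issued_at"] > ABSOLUTE_LIFETIME_S:
            reasons.append("session past absolute lifetime")
        if ua != s["ua"]:
            reasons.append("user-agent changed")
        if ipaddress.ip_address(ip) not in s["net"]:
            reasons.append(f"client moved off {s['net']}")
        if reasons:  # any mismatch: kill the session rather than trust the cookie
            s["revoked"] = True
            self.alerts.append(f"{s['user']}: possible cookie replay ({', '.join(reasons)})")
            return False
        return True

def demo():
    """Constructed traffic: one legitimate follow-up request, then a replay of the
    same cookie from a different network and client, then the victim's own retry."""
    store = SessionStore()
    t0 = 1_700_000_000
    ua = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/118.0"
    store.issue("tok-abc", "alice", ua, "203.0.113.10", now=t0)
    legit = store.check("tok-abc", ua, "203.0.113.42", now=t0 + 60)        # same /24
    replay = store.check("tok-abc", "curl/8.4.0", "198.51.100.7", now=t0 + 120)
    retry = store.check("tok-abc", ua, "203.0.113.10", now=t0 + 180)     # already revoked
    return legit, replay, retry, store.alerts

if __name__ == "__main__":
    print(demo())
```

A replay from a similar client context passes this check, so it complements short session lifetimes and re-prompting for MFA on sensitive actions rather than replacing them.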

The researchers also documented which infostealer families were seen most in attacks between July and October 2022; RedLine was the variant used most by threat actors.

The most used information-stealing malware between July and October 2022. Source: https://www.accenture.com/us-en/blogs/security/information-stealer-malware-on-dark-web

Preventions:

Malware can pose a significant risk to individual devices, organisations, networks, and services. Some malware is designed to seek out and infect other devices on the same network as the infected host, not only laptops and PCs but also servers and internet-of-things devices. An infected device brought into a work environment can pose a significant security risk and could allow malicious users into your network.

To protect your organisation against malware:

  • Ensure that a system administrator must approve any new software before it is downloaded
  • Keep your antivirus turned on and updated on all work devices
  • Regularly check that all your devices and software are on the latest updates
  • Limit the use of USB drives within your organisation. You can do this by blocking access to physical USB ports for most users, as well as by only allowing approved drives to be used with your organisation’s devices (and nowhere else)
  • Educate staff on the dangers of malware and where it can originate from, such as phishing emails or malicious or compromised websites
  • Use a non-administrator account for day-to-day activities – only use admin accounts for administrative purposes on your network
