Kaspersky Reports Increase in Cyber Threats in Q3 2024
/ 3 min read
Quick take - In the third quarter of 2024, Kaspersky reported a notable rise in cyber threats, blocking over 652 million attacks, identifying significant ransomware activity, particularly from the RansomHub gang, and highlighting a concerning trend in the evolving landscape of cybersecurity challenges.
Fast Facts
- Kaspersky reported over 652 million cyber attacks blocked in Q3 2024, with ransomware affecting over 90,000 users, primarily from the RansomHub gang.
- The company identified 109 million unique malicious links and blocked more than 23 million malicious objects through its Web and File Anti-Virus systems.
- A total of 2,109 new ransomware variants were detected, alongside three new ransomware families, indicating a concerning trend in ransomware activities.
- Significant arrests were made, including individuals linked to the Reveton and LockBit ransomware operations, with damages totaling millions.
- The report highlighted a 12% decrease in miner-related attacks, while Telnet attacks dominated IoT device security threats, particularly in India.
Kaspersky Reports Significant Increase in Cyber Threats in Q3 2024
In the third quarter of 2024, cybersecurity firm Kaspersky reported a significant increase in cyber threats, blocking over 652 million attacks across various online platforms. The company’s Web Anti-Virus system identified 109 million unique malicious links, while its File Anti-Virus successfully blocked more than 23 million malicious and potentially unwanted objects. Ransomware attacks affected over 90,000 users during this period, with RansomHub identified as the most prolific ransomware gang, accounting for 17.75% of all ransomware victims.
Ransomware Trends and Arrests
Approximately 18% of victims listed on ransomware gangs’ data leak sites were connected to RansomHub. The report highlighted a concerning trend in ransomware activities, with Kaspersky detecting three new ransomware families and identifying 2,109 new ransomware variants. The number of users attacked by ransomware Trojans increased compared to the previous quarter, with Kaspersky defending 90,423 individual users from ransomware attacks between July and September 2024. The most affected countries included Israel, China, and Libya, where well-known ransomware families like WannaCry and LockBit remained prevalent.
In a related development, three cybercriminals linked to significant ransomware operations were apprehended. An individual was arrested in Spain for ties to the Reveton ransomware Trojan, which was active from 2012 to 2014. Two others previously arrested for spreading LockBit pleaded guilty, with one causing damages estimated at $1.9 million and the other causing damages of about $500,000 from 2020 to 2023.
Decline in Miner-Related Attacks and IoT Security
Kaspersky’s findings also revealed a decline in miner-related attacks, with 297,485 unique user devices affected. The report noted a 12% decrease in miner variants, with Kaspersky detecting 15,472 new miner variants. Attackers continued to exploit vulnerabilities in various systems, with the Akira ransomware targeting SonicWall devices and both Akira and Black Basta attacking VMware ESXi through hypervisor vulnerabilities. On the macOS front, password stealers posed a significant threat, with new subscription-based stealers like Banshee Stealer and Ctulhu Stealer being distributed via Telegram and dark web forums. A new backdoor, HZ Rat, was found targeting users of Chinese messaging services.
In terms of Internet of Things (IoT) device security, Telnet attacks accounted for 98.69% of all attacks, with India experiencing a rise in such attacks. Conversely, SSH attacks from mainland China and the United States decreased.
Kaspersky’s report underscored the significant global impact of cybersecurity threats, with 13.53% of user computers worldwide facing at least one local malware threat in Q3 2024. The highest risk of local infection was reported in Turkmenia, Afghanistan, and Yemen. Overall, the findings highlight the evolving landscape of cyber threats and the persistent need for robust cybersecurity measures.
Original Source: Read the Full Article Here
