• Hackers are tricking victims into scam-yourself attacks with fake

    From TechnologyDaily@1337:1/100 to All on Wednesday, December 25, 2024 09:45:05
    Hackers are tricking victims into scam-yourself attacks with fake tutorials, CAPTCHAs, and updates

    Date:
    Wed, 25 Dec 2024 09:33:00 +0000

    Description:
    Report uncovers rising cyber threats with alarming increases in ransomware, data-stealing malware, and sophisticated social engineering tactics.

    FULL STORY ======================================================================AI continues to play a dual role in cybersecurity Lumma Stealer rises 1154%, marking a new malware peak Outdated systems remain vulnerable to ransomware

    In its recent Q3 2024 Threat Report , Gen highlights alarming trends that reveal the rising complexity of cyber threats, highlighting that as cybercriminals refine their methods, the dual role of AI becomes evident.

    While AI can be weaponized to enhance attacks by proliferating realistic deepfakes and highly convincing phishing campaigns, AI tools also serve as a crucial defense mechanism.

    With cyber threats becoming more sophisticated and harder to detect,
    awareness and proactive measures are essential for safeguarding sensitive information. Social engineering tactics take center stage

    Cybercriminals increasingly use social engineering tactics to deceive
    millions into compromising their security. Quarter-over-quarter, there has been a 614% rise in Scam-Yourself Attacks which use psychological
    manipulation to trick individuals into unintentionally installing malware on their own devices.

    Attackers will use fake tutorials shared on popular platforms like YouTube that claim to provide free access to paid software, enticing users to follow the instructions. However, the victims inadvertently download malicious programs instead.

    Another tactic, known as ClickFix Scams, deceives victims by presenting fake technical solutions and then instructing users to copy and paste malicious code into their command prompts, unknowingly granting attackers control of their systems.

    Similarly, fake CAPTCHA prompts have emerged disguised as standard verification steps, prompting users to paste harmful code into their systems. Fake updates that present themselves as essential software updates are being sent to users loaded with malware disguised to gain administrative privileges once installed.

    Data-stealing malware and ransomware has seen an uptick with information stealers rising by 39%. The Lumma Stealer for example increased its activity by 1154%.

    Ransomware attacks also surged, with a 100% increase in risk ratio, with the Magniber ransomware leading these attacks by exploiting unpatched software to gain access. Outdated systems, such as Windows 7, remain particularly vulnerable, however Gen has worked with governments to release free
    decryption tools like the Avast Mallox Ransomware Decryptor.

    Mobile devices also suffered rises in data-stealing malware attacks, which grew by 166% during Q3/2024. A new spyware strain, NGate, emerged, capable of cloning bank card data to withdraw money or conduct unauthorized
    transactions. Meanwhile, banking malware, such as Rocinante, increased by
    60%, with new strains like TrickMo and Octo2 surfacing.

    In terms of delivery, malicious SMS messages remain the primary delivery method. Telemetry from Norton Genie shows that smishing (malicious SMS scams) accounts for 16.5% of observed attacks, followed by lottery scams (12%) and phishing emails/texts (9.6%). You may also like These are the best antivirus solutions Take a look at the best Mac antivirus LastPass hacked, users see millions of dollars of funds stolen



    ======================================================================
    Link to news story: https://www.techradar.com/pro/Hackers-are-tricking-victims-into-scam-yourself- attacks-with-fake-tutorial-CAPTCHAs-and-updates


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)