Kaspersky warns about the cyber espionage thru’ social engineering
Cyber espionage is increasing through social engineering. Cyber crooks have updated their toolset for this. These attacks are targeting government institutions, the military, telecommunications, and the judiciary.
Kaspersky's global research and analysis team has reported significant changes in cybercriminal activity between April and June 2024. Kaspersky's Telemetry Data Unveils Advanced Cyber Espionage
According to the latest Advanced Persistent Threat (APT) Trends report, the use of open-source threats, including the backdooring of XZ, a compression utility used in Linux distributions, is a noticeable aspect of these cybercriminals' changing modus operandi. Attackers use social engineering to infiltrate advanced environments and gain uninterrupted access. They also hide their activity through anti-replay features and custom steganography. Because of these techniques, these threats have gone undetected for years.
Hacktivism has played an important role when groups like Homeland Justice launch malicious attacks, it has been reported. In Albania, the group removed more than 100 TB of data and wiped-out database servers. By doing this, the institutions they targeted were severely damaged.
Beyond that, attackers have updated their toolsets. The group, called Gofi, ditched old tools like Wawa and VisualTaskell and adopted a new approach, including a loader that can exactly duplicate legitimate documents. Attackers' infiltration operations are evolving day by day.
The APT campaign had a global impact, emphasizing the wide spread of this threat across Europe, the Americas, Asia, the Middle East and Africa.
"APT is constantly evolving through adaptation and expansion," said David M., chief security researcher at Kaspersky's Great. This makes it a formidable threat. The entire cyber community must unite to combat this threat. Only collective vigilance and open communication can help us stay ahead of threats and secure our digital world.”
The security firm said that more research on these complex threats will be revealed at the 16th Security Analyst Summit (SAS) conference to be held in Bali, Indonesia from October 22 to 25.
