From the ESET Research Laboratory, a leading proactive threat detector, analyzed the most commonly used attacks in Latin America in 2018. The company distributes key features and is the reason for the increasing use of these methods by aggressors who benefit from users' resources and data.
The most commonly used 5 cyber attacks in 2018:
1. Finging Attacks. Despite recent years of propaganda, the latest propaganda campaigns have shown new features.
Many of Phishing's web sites currently use security certificates. According to the Antiphishing Working Group, approximately 35% of phishing attacks registered in the second quarter of 2018 were posted on HTTPS web sites, with almost 5% of fake sites reported at the end of 2016.
In addition, alternative "traditional" e-mail alternatives such as messaging applications are used; to become more potential victim. At the same time, these malicious campaigns also feature the features of hieroglyphics that create more trouble for users to identify apocryphal web sites.
"The security practices recommended for Phishing are relatively safe, though not new to the new features of this type of attack, and now it's not enough to check the URL, security lock, or HTTPS usage, it's helpful to check the common name on security certificates "says Miguel Angel Mendoza, Expert in IT security in Latin America.
This danger is beginning to be identified in August 2017 and its main principle is to abolish the development potential of a foreign team to make money through cryptocurrency mining. One of the ways to allow devices is the user's browser-based scripts, enough to access a web page containing a user's code that their processor is used to shake some cryptocurrency. Cryptanalysis is the most threatened by most ESET telemetry in the world between 2017 and 2017 in the world.
In 2018, almost half of the JS / CoinMiner (ESET solutions used in Latin America) detection was found in two countries – Peru (30.72%) and Mexico (17.41). Ecuador (8.89%), Brazil (7.73%) and Argentina (7.08%).
The malicious code continues to be one of the main threats when used to attack. According to the ESET Security Report 2018, malware infections are the main cause of security incidents in Latin American companies.
ESET Research Laboratories receives more than 300,000 unique malware per day, and these types of threats are being prepared for almost all operating systems today. For example, ESET labs detect approximately 300 Android malware per month. In addition, malware specially developed to affect the devices of the so-called Internet began to emerge; is used to carry out other attacks after being humiliated.
In 2018, several e-mail scams have emerged, based on information that is intended to deceive users. Part of these campaigns had a particular fact that the user would not be deceived.
For example, the subject of the message was real to demonstrate that users' passwords are personal information and that they provide detailed information in the text of the post. This campaign was able to increase nearly half a million dollars. Another example of this type of deception is that the email has come to the user from his account, and has been featured in the account of the potential victim at the expense of the attacker.
5. Sensitivity operation
By the end of 2017, ESET reported that it was the year with the most reported weaknesses (14,714) and last year's record was over last year, but so far this number has been exceeded by 2018. According to CVE Details, over 15,300 weaknesses have been registered despite the end of the year.
From this point of view, some vulnerabilities have also increased. To give an example, the EternalBlue, used during the WannaCry release, had an increase in exploitation. The detection of this exploitation is a 600% increase compared to July 2017 (most period of activity) compared to July 2017, where various ramsomware families and other types of malware programs try to use vulnerabilities systems.
"It's important to emphasize the various threats that the computer threats are and how they want to compromise their assets, so it's important to use the security perspective technology, the use of good practices, and the use of technology, to know what's happening in cybersecurity."