ESET has released its Q2 Cyber Threats Report Feb 2020
In the spring, most companies were forced to switch to home office mode and provide employees with remote desktop access. ESET recorded an increase in the number of attempts to attack through the RDP protocol more than 2 times compared to the first quarter. The number of servers on which brute-force attacks were carried out also increased – by 30%. Russia ranked first in terms of the number of unique attacks of this type since the beginning of 2020.
Compared to the previous quarter, the number of detected malware for Android increased by 18%. The most widespread were hidden malware, adware, stalker and spyware, SMS Trojans and ransomware.
Android threat detection dynamics by category
The attackers exploited the COVID-19 theme most actively. In June, ESET discovered the CryCryptor ransomware virus targeting Android users, disguised as a coronavirus monitoring tool.
There was also a slight decrease in the total number of web threat detections compared to Q1. 2020 In May, ESET telemetry detected about 13 million blocked threats every day.
The number of detected fraudulent sites increased by 19%, reaching the highest rates in the first half of the year – the peak was in the first week of May. The top 5 countries in terms of the number of blocked web threats include Russia, Peru, Japan, France and the United States. The number of websites with malware dropped sharply by 44%, as did the number of unique URLs by 27%.
The vast majority of threats to the Mac operating system are potentially unwanted applications (41%). They are followed by adware (28%), potentially unsafe applications (18%), and malware (about 10% combined).
Mac threat detection dynamics by category
Most often, Mac users are faced with illegal advertising and coercion to buy unnecessary goods and services at inflated prices. For such attacks, cybercriminals usually use social engineering methods – offering the victim to download and install an adware application or an adware downloader.
information security, corporate information security