REPORTS

Threat Report T1 2022

June 3, 2022

Welcome to the T1 2022 issue of the ESET Threat Report!

After more than two years of shielding from a global pandemic, we get a reward: war! Several conflicts are raging in different parts of the world, but for us, this one is different. Right across Slovakia’s eastern borders, where ESET has its HQ and several offices, Ukrainians are fighting for their lives and sovereignty in this unprovoked war, facing an opponent that possesses nuclear weapons. As you will read in the following pages, Ukraine is resisting attacks not only in the physical world but also in cyberspace.

Our Featured story recounts various cyberattacks connected to the ongoing war that ESET researchers analyzed or helped to mitigate. This includes the resurrection of the infamous Industroyer malware, attempting to target high-voltage electrical substations.

Shortly before the Russian invasion, ESET telemetry recorded one of two sharp drops in RDP attacks. The decline in these attacks comes after two years of constant growth – and as we explain in the Exploits section, this turn of events might have a connection to the war in Ukraine. But even with this fall, almost 60% of incoming RDP attacks seen in T1 2022 came from Russia. Another side effect of the war: while in the past ransomware threats tended to avoid targets located in Russia, in this period, according to our telemetry, Russia was the top targeted country. We even detected lock-screen variants using the Ukrainian national salute “Slava Ukraini” (Glory to Ukraine).

Unsurprisingly, the war has also been noticeably exploited by spam and phishing threats. Immediately after the invasion on February 24, scammers started to take advantage of people trying to support Ukraine, using fictitious charities and fundraisers as lures. On that day, we detected a large spike in spam detections. We can also confirm that Emotet – the infamous malware, spread primarily through spam emails – is back after last year’s takedown attempts, and has shot back up in our telemetry. Its operators spewed spam campaign after spam campaign, with Emotet detections growing by more than a hundredfold! …

Roman Kováč
ESET Chief Research Officer

SHARE:
Price: FREE

About the Provider

ESET
ESET began life as a pioneer of antivirus protection, creating award-winning threat detection software. Now, ESET’s goal is to make sure that everybody can enjoy the breathtaking opportunities that technology offers. Today, our security solutions allow businesses and consumers in more than 200 countries and territories to make the most of the digital world.

TOPICS

cryptocurrency, IoT Security, Malware, ransomware, Threat Landscape