Mobile devices at the centre of new types of cybercrimes
Skip to main content
T
Wednesday, March 29, 2023
The Daily Star
E-paper Today's News বাংলা
  • Home
  • News
  • Opinion
  • Health
  • Sports
  • Business
  • Entertainment
  • Culture
  • Life & Living
  • Youth
  • Tech & Startup
  • Feature
    • Lifestyle
    • Arts & Entertainment
    • Showbiz
    • Star Health
    • Satireday
    • Shout
    • Toggle
    • Star Literature
    • In Focus
    • Star Youth
    • Shift
    • Daily Star Books
    • Roundtables
    • Star Holiday
    • weekend read
  • More
    • Environment
    • NRB
    • Supplements
    • Law & Our Rights
  • E-paper
  • বাংলা
Search Epaper T
  • Today's News
  • Home
  • News
  • Opinion
  • Health
  • Sports
  • Business
  • Entertainment
  • Culture
  • Life & Living
  • Youth
  • Tech & Startup
  • Feature
    • Lifestyle
    • Arts & Entertainment
    • Showbiz
    • Star Health
    • Satireday
    • Shout
    • Toggle
    • Star Literature
    • In Focus
    • Star Youth
    • Shift
    • Daily Star Books
    • Roundtables
    • Star Holiday
    • weekend read
  • More
    • Environment
    • NRB
    • Supplements
    • Law & Our Rights

  • About Us
  • Contact Us
  • Apps
  • Comment Policy
  • RSS
  • Sitemap
  • Advertisement
  • Newsletter
  • Privacy Policy
  • Conference Hall
  • Archives
Tech & Startup

Mobile devices at the centre of new types of cybercrimes: Report

Toggle Desk
Thu Nov 24, 2022 03:20 PM Last update on: Thu Nov 24, 2022 03:43 PM
Mobile Devices Security

Cybersecurity platform Sophos recently published its 2023 Threat Report, where it described how the cyber threat landscape has reached a new level of commercialisation and convenience for would-be attackers, with nearly all barriers to entry for committing cybercrime removed through the expansion of cybercrime-as-a-service.

The report also addresses how ransomware remains one of the greatest cybercrime threats to organisations with operators innovating their extortion tactics, as well as how demand for stolen credentials continues to grow.

For all latest news, follow The Daily Star's Google News channel.

Criminal underground marketplaces like Genesis have long made it possible to buy malware and malware deployment services ("malware-as-a-service"), as well as to sell stolen credentials and other data in bulk. Over the last decade, with the increasing popularity of ransomware, an entire "ransomware-as-a-service" economy sprung up.

Now, in 2022, this "as-a-service" model has expanded, and nearly every aspect of the cybercrime toolkit, from initial infection to ways to avoid detection, is available for purchase.

With the expansion of the "as-a-service" economy, underground cybercriminal marketplaces are also becoming increasingly commodified and are operating like mainstream businesses. Cybercrime sellers are not just advertising their services but are also listing job offers to recruit attackers with distinct skills. Some marketplaces now have dedicated help-wanted pages and recruiting staff, while job seekers are posting summaries of their skills and qualifications.

As the cybercrime infrastructure has expanded, ransomware has remained highly popular and profitable.

Over the past year, ransomware operators have worked on expanding their potential attack service by targeting platforms other than Windows while also adopting new languages like Rust and Go to avoid detection. Some groups, most notably Lockbit 3.0, have been diversifying their operations and creating more "innovative" ways to extort victims. 

The evolving economics of the underground has not only incentivized the growth of ransomware and the "as-a-service" industry, but also increased the demand for credential theft. With the expansion of web services, various types of credentials, especially cookies, can be used in numerous ways to gain a deeper foothold in networks. Credential theft also remains one of the easiest ways for novice criminals to gain access to underground marketplaces and begin their "career."

Sophos also analysed the following trends:

  • Mobile devices are now at the centre of new types of cybercrimes. Not only are attackers still using fake applications to deliver malware injectors, spyware and banking-associated malware, but newer forms of cyberfraud have been growing in popularity.
  • The war in Ukraine had global repercussions for the cyber threat landscape. Immediately following the invasion, there was an explosion of financially motivated scams, while nationalism led to a shake-up of criminal alliances between Ukrainians and Russians, particularly among ransomware affiliates
  • Criminals continue to exploit legitimate executables and utilise "living off the land binaries" (LOLBins) to launch various types of attacks, including ransomware. In some cases, attackers deploy legitimate but vulnerable system drivers in "bring your own driver" attacks to attempt to shut down endpoint detection and response products to evade detection.
Related topic:
Sophoscybersecuritymobile devices security
Apple Google
Click to comment

Comments

Comments Policy

Related News

Spooked by Bangladesh heist, Asian security summit works on cybersecurity

Kaspersky boss warns of emerging cybercrime threats

Cloud services

Cloud services at risk of cyber attacks: Report

Facebook shuts down fake Bangladeshi news sites

Vietnam says Facebook violated cybersecurity law

Hack the Pentagon

Pentagon invites hackers to attack its websites

৩ ঘণ্টা আগে|দুর্ঘটনা ও অগ্নিকাণ্ড

সৌদিতে বাস দুর্ঘটনা: ৮ বাংলাদেশি নিহত, পরিচয় শনাক্ত

রিয়াদে বাংলাদেশ দূতাবাসের প্রথম সচিব মোহাম্মদ ফখরুল ইসলাম (প্রেস) এ তথ্য নিশ্চিত করেছেন।

৩৬ মিনিট আগে|দুর্ঘটনা ও অগ্নিকাণ্ড

বাস দুর্ঘটনা: ৬ মাস আগে সৌদিতে যান মামুন

The Daily Star
Journalism without fear or favour
  • About Us
  • Contact Us
  • Apps
  • Comment Policy
  • RSS
  • Sitemap
  • Advertisement
  • Newsletter
  • Privacy Policy
  • Conference Hall
  • Archives
© 2023 thedailystar.net | Powered by: RSI LAB
Copyright: Any unauthorized use or reproduction of The Daily Star content for commercial purposes is strictly prohibited and constitutes copyright infringement liable to legal action.
X