More zero knowledge attacks, more leaked credentials, more Gen-Z cyber crimes – 2022 trends and 2023 predictions.
Cybercrime remains a major threat to individuals, businesses, and governments around the world. Cybercriminals continue to take advantage of the prevalence of digital devices and the internet to perpetrate their crimes. As the internet of things continues to develop, cybercriminals will have access to a greater number of vulnerable devices, allowing them to carry out more sophisticated attacks. Cybercrime is expected to become increasingly profitable as criminals continue to find new and better ways to monetize their attack as entry barriers to cybercrime keep going down.
This article discusses key trends we’ve noticed in 2022 that will likely continue in 2023, which we’ll also elaborate on in the upcoming webinar “The Rise of the Rookie Hacker – a new trend to reckon with” on January 11th.
Leaked credentials will continue to be the main attack vector for initial access
According to IBM’s cost of a breach 2022 report, use of stolen or compromised credentials remains the most common cause of a data breach.
The main source for leaked credentials in 2022 was Info-Stealers – a malware that can steal stored credentials from browsers, cookies (used for session hijacking and to bypass MFA), crypto wallets, and more. Redline Stealer, in particular, gained a lot of popularity among threat actors which led to the creation of several other stealers such as the “Luca stealer” and the “eternity stealer”. The latter is part of an end-to-end offering named the eternity project, which allows threat actors to buy or rent any tool they need to launch an attack against a target of their choosing.
images from Hacker News