Kaspersky predicts crime and financial threats in 2023
Woburn, MA, Nov. 22, 2022 (GLOBE NEWSWIRE) — Woburn, MA – November 22, 2022 – According to a 2023 prediction report today from Kaspersky, next year will see significant demand for malware loaders on the darknet. Instead of developing their own malicious samples, attackers will choose ready-made services with improved detection avoidance. Separately, due to increasing regulations imposed on crypto markets, criminal gangs will move away from Bitcoin and seek other forms of value transfer. These and other predictions are in Kaspersky’s “Crimeware and financial cybertreats in 2023” report.
Given that the financial threat landscape has evolved dramatically in recent years, Kaspersky experts believe that it is no longer sufficient to look only at threats against traditional financial institutions, but that it is better to assess financial threats as a whole. The cybercrime market has evolved a lot, with the overwhelming majority of attackers pursuing one goal – financial gain.
This year, Kaspersky researchers have decided to adjust their predictions accordingly, expanding them to include both the evolution of crime and financial cyber threats.
By analyzing the significant events and trends that shaped both the crime and financial threat landscape in 2022, Kaspersky researchers have predicted several key trends expected in 2023. Here are their key predictions:
With the growing popularity of cryptocurrencies, the number of crypto scams has also grown. However, users are now much more aware of crypto and will not fall for primitive scams like the dubious cryptocurrency scheme that went viral with a video featuring a deeply fake “Elon Musk.” Cybercriminals will continue to try to steal from people using fake ICOs and NFTs, and other cryptocurrency-based financial theft. Along with the exploitation of vulnerable smart contracts, criminals will use and create more advanced methods to spread their crimes.
Many actors have their own malware, but that alone is not enough. Entire samples used to consist of ransomware alone. However, when there are different types of modules in ransomware, it is easier for the threat to avoid detection. As a result, attackers now pay much more attention to downloaders and droppers, who can avoid detection. This has become a big commodity in the Malware-as-a-Service industry and is already a favorite among cybercriminals on the darknet, such as the Matanbunchus downloader. Overall, stealth driving and bypassing EDRs is what malicious payload developers will be focusing on in 2023.
While various vendors create and improve penetration testing frameworks to protect companies, such as Brute Ratel C4 and Cobalt Strike, crime actors are expected to use them much more actively for illicit activities. Along with the development of new penetration tools, cybercriminals will increasingly use the frameworks for their own malicious purposes.
As sanctions against ransom payments continue to be issued, markets become more regulated, and technologies become better at tracking the flow and sources of Bitcoin (and sometimes reversing conspicuous transactions), cybercrooks will rotate away from this cryptocurrency and toward other forms of value transfer.
As geopolitics increasingly occupy the attention of not only the public but also cybercriminals, ransomware groups are expected to demand some form of political action rather than asking for ransom. An example of this is Freud; brand new ransomware with wiper features.
“We predict two major scenes in the ransomware landscape in the coming year,” said Marc Rivero, senior security researcher at Kaspersky’s Global Research and Analysis Team. “One of them will be the use of destructive ransomware with the unique purpose of resource destruction and the impact of what we call ‘regional attacks’, where certain families only affect certain regions. For example, the mobile malware landscape made a big evolution in the Latin American region, and bypassed the security methods used by banks such as OTP and MFA. Malware-as-a-service is another important thing to observe, as these types of underground services are often found around ransomware attacks that affect larger organizations.”
More information about these predictions is available on Securelist.
These economic predictions are part of Kaspersky’s Vertical Threat Predictions for 2023, one of the segments of the Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on important changes in the world of cybersecurity.
To see what Kaspersky experts expected to see in 2022, follow this link.
About Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transformed into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers worldwide. The company’s comprehensive security portfolio includes leading endpoint protection and a range of specialized security solutions and services to combat sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies, and we help 240,000 business customers protect what matters most to them. Learn more at www.kaspersky.com.
Media contact
Sawyer Van Horn
(781) 503-1866
CONTACT: Sawyer Van Horn Kaspersky 781-503-1866 [email protected]
