ESET Threat Report H1 2023-lazarusholic

ESET Threat Report H1 2023

2023-07-11, ESET
https://www.welivesecurity.com/wp-content/uploads/2023/07/eset_threat_report_h12023.pdf
eset_threat_report_h12023.pdf, 8.4 MB
#SmoothOperator #Trend

Threat
Report
H1 2023
December 2022 – May 2023

(eset):research

ESET THREAT REPORT

Contents
Foreword3
Threat Landscape Trends 4
Predatory lending practices find new ground on Android5
The many faces of cryptocurrency threats8
Emotet campaigns shrink as operators struggle to find a new attack vector11
Malicious OneNote files: The short-lived limelight of a new intrusion vector13
Email threats see a sextortion scam comeback15
Microsoft SQL Server: An increasingly attractive target for brute-force attacks18
RedLine Stealer: Malware as a business 21
macOS affected by the first case of two linked supply-chain attacks24
Same code, different ransomware? Leaks kick-start myriad of new variants27

Threat Telemetry30
Research publications43
About this report44
About ESET45

H1 2023 | 2

ESET THREAT REPORT

Executive summary

Foreword

Threat Landscape Trends

Threat Telemetry

Research publications

About this report

About ESET

H1 2023 | 3

Executive summary
Android

Exploits Attack vectors SQL attacks

Predatory lending practices find new ground on Android

Microsoft SQL Server: An increasingly attractive target for brute-force attacks

Instead of quick financial assistance, victims of malicious loan apps are met with death
threats and digital usury practices.

MSSQL password guessing attacks take a …