90% of threats are social engineering

In this Help Net Security video, Jakub Kroustek, Malware Research Director at Gen, discusses the Avast Q1 2024 Threat Report.

The report highlights significant trends and incidents in cybersecurity. Key findings include:

Surge in social engineering attacks: Nearly 90% of threats blocked were social engineering-based, with scams and phishing on the rise, particularly utilizing deepfake technology and hijacked YouTube channels.

Lazarus APT campaign: The Lazarus Group’s sophisticated campaign targeted individuals in Asia with fake job offers, exploiting a Windows driver vulnerability to maintain persistent access.

Increase in mobile threats: Over 90% of mobile threats were scams, with notable threats including adware, banker malware like MoqHao, and biometric data theft attempts.

Ransomware activity: LockBit ransomware made headlines with a law enforcement takedown, though it quickly resurfaced. Avast released decryptors for new ransomware strains like HomuWitch and Rhysida.

YouTube as a threat vector: YouTube was exploited for phishing, malvertising, and crypto scams, but Avast protected millions of users from these threats.