Cybercriminals are leveraging increasingly sophisticated attack methods, including the strategic deployment of infostealers, research from Check Point Software’s October 2024 Global Threat Index reveals.
The report also notes that the ‘Lumma Stealer’ malware, which leverages fake CAPTCHA pages to infiltrate systems through phishing and cracked game downloads, has surged to 4th in Check Point’s monthly global malware rankings. Once installed, it exfiltrates sensitive data, underscoring the effectiveness of today’s infostealers.
Maya Horowitz, VP of Research at Check Point Software, says these findings highlight the need for more advanced cybersecurity defenses.
“The rise of sophisticated infostealers underscores a growing reality. Cybercriminals are evolving their methods and leveraging innovative attack vectors. Organizations must go beyond traditional defenses, adopting proactive and adaptive security measures that anticipate emerging threats to counter these persistent challenges effectively,” she said.
The report also reveals that a new version of ‘Necro’ rose to 2nd in the mobile malware rankings for October. The malware infects popular applications, including game mods on Google Play, and has impacted over 11 million devices.
Necro is another example of a sophisticated infostealer, employing obfuscation techniques to evade detection and utilizing steganography – concealing information within another message or physical object to avoid detection – to hide its payloads. Once activated, Necro can display ads in invisible windows, interact with them, and even subscribe victims to paid services. Check Point says the increasing use of Necro further highlights attackers’ evolving tactics to monetize their operations.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.