Despite the series of malicious cyber attacks witnessed in 2023, with a number of new trends and tactics in the campaigns, one of the breaches that stood out was the breach of the file transfer service MOVEit.
In a new report published by ESET, it was revealed that in addition to its extensive effects, the MOVEit hack was significant since its perpetrators, Cl0p, did not use any ransomware.
Additionally, the campaign leaked the stolen data from victim organizations on a public website—another example of a novel tactic used by cybercriminals. The infamous ALPHV/BlackCat ransomware gang, who were also active this year, were also seen adopting this strategy.
Emerging Trends
ESET, in its report, notes that because of the scale at which the MOVEit hack transpired, it was probably too much effort for Cl0p to encrypt each victim it captured. ESET cites data from Emsisoft, which projects that there will be more than 2,600 impacted organizations after six months.
These victims ranged from government agencies, schools and healthcare, to major organizations like Sony and PricewaterhouseCoopers (PwC).
Another emerging tactic adopted by cybercriminals was using AI tools in their attack campaigns, taking into account the boom in technology in 2023 and the wake of ChatGPT’s public release in November 2022.
Several campaigns have utilized AI tools like ChatGPT and spoofing domains that sound similar to ChatGPT. These domains include web applications that compromi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.