Threat Reports

The H1 2023 issue of ESET Threat Report reviews the key trends and developments that shaped the threat landscape between December 2022 and May 2023. Among other findings, it shows that cybercriminals have remarkable adaptability and relentlessly pursue new avenues to achieve their nefarious goals – be it through exploiting vulnerabilities, gaining unauthorized access, compromising sensitive information, or defrauding individuals. Importantly, this issue also includes design improvements and features a new approach to data presentation.

What were some of the world's most notorious APT groups up to from October 2022 to March 2023? As this report shows, several China-aligned threat actors such as Ke3chang and Mustang Panda focused on European organizations, targeting them with new malicious wares. Meanwhile, Iran-aligned group OilRig deployed a new custom backdoor in Israel. North Korea-aligned groups continued to focus on South Korean and South Korea-related entities. Russia-aligned APT groups were especially active in Ukraine and EU countries, with Sandworm deploying wipers.

This issue of ESET's Threat Report reviews the key developments that defined the threat landscape in the final four months of 2022. Russia's war on Ukraine continued to impact everything from global economy to cyberspace, where the ransomware scene in particular went through major shifts, all while RDP attacks took a nosedive. This, of course, barely scratches the surface of what the report reveals. Additionally, the report highlights some of the key findings by ESET researchers in late 2022.

This issue of the ESET APT Activity Report reviews the activities of selected APT groups as observed, investigated, and analyzed by ESET researchers from September to December 2022. Russia-aligned APT groups continued to be particularly involved in operations targeting Ukraine, deploying destructive wipers and ransomware. For example, we detected the infamous Sandworm group using a previously unknown wiper against an energy sector company in Ukraine.

The first instalment of the ESET APT Activity Report – which looks at advanced persistent threat (APT) activity in May to August 2022 and accompanies the ESET Threat Report covering the same period – features insights of ESET Research into the activity of Russia-, China-, Iran-, and North Korea-aligned threat actors. Among many other things, the report shows that even more than eight months after the Russian invasion, Ukraine continues to be a prime target of Russia-aligned APT groups.

In the T2 2022 Threat Report, the ESET research team reviews the main trends and developments shaping the threat landscape from May to August 2022. The report sheds light on the changes in ideologically motivated ransomware, Emotet activity, the most-used phishing lures, the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, as well as on how the plummeting cryptocurrency exchange rates affected online threats. The report also reviews the most important findings and achievements by ESET researchers in recent months.

The T1 2022 issue of the ESET Threat Report provides an in-depth exploration of the key developments, trends and threats that shaped the cybersecurity landscape in the first four months of 2022. What kinds of implications did Russia's invasion of Ukraine have for attackers' tactics and techniques? What are some of the most impactful attacks that were connected to the war and were discovered (and thwarted) by ESET research? Speaking of which, the report also summarizes the various recent findings from ESET research labs and features highlights from ESET investigations into operations by various APT groups.

In its T3 2021 Threat Report, which covers September to December 2021, ESET Research summarizes key statistics from ESET detection systems, looks at the most frequent external attack vectors and shifts in the prevalence of certain types of threats due to fluctuating exchange rates of cryptocurrencies. It also highlights notable examples of ESET cybersecurity research, including exclusive, previously unpublished updates on current threats. It also comes with commentary on the broader trends observed throughout the year, as well as predictions for 2022 by ESET malware researchers and detection specialists.

The T2 2021 issue of the ESET Threat Report examines the key trends and developments that shaped the threat landscape between May and August 2021, highlighting several particularly disconcerting trends: increasingly aggressive ransomware tactics, escalating brute-force attacks, and deceptive phishing campaigns targeting remote workers. Beside these – and many other – findings, the report also looks at some of the most notable research publications from ESET malware analysts and brings previously unpublished discoveries by ESET researchers.