Tag Archive for: transactions

Radware: Web App, API Malicious Transactions Up 171% Due to DDoS Attacks


  • DDoS attacks per customer nearly double
  • Web DDoS attacks relentlessly continue throughout the year
  • DNS query flood vectors increase more than threefold
  • Government, business/economy, and travel websites face the most hacktivist claimed DDoS attacks worldwide

Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, released its 2024 Global Threat Analysis Report.

“The technological race between good and bad actors has never been more intense,” said Pascal Geenens, Radware’s director of threat intelligence. “With advancements like Generative AI, inexperienced threat actors are becoming more proficient and skilled attackers more emboldened. In 2024, look for attack numbers to climb and attack patterns, like the shift in Web DDoS attacks, to continue to evolve.”

Radware’s comprehensive report leverages intelligence provided by network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network, and threat intelligence research team during 2023. In addition, it draws from information found on Telegram, a public messaging platform often used by cyber criminals.

Radware’s report reveals key themes about the emerging threat landscape.

DDoS Attacks Surge Unprosecuted

“With almost two years of illegal denial of service left un-prosecuted following Russia’s invasion of Ukraine and the unfettered rise of hacktivism, the threshold into a life of cyber crime has reached a new low,” said Geenens. “We have yet to see DDoS attacks used as a mainstream vehicle to settle disagreements or differences, but plenty of groundwork has been laid by proficient hacktivists.”

Between the close of 2022 and 2023 DDoS attacks rose worldwide:

  • Globally, the average number of DDoS attacks per customer grew by 94%. On a regional basis, the increase in the number of DDoS attacks targeting customers varied:
    • EMEA rose 43%
    • The Americas grew 196%
    • APAC climbed 260%
  • The Americas were targeted by almost half of all global DDoS attacks. The EMEA region, accounting for 39% of the DDoS attacks, mitigated 65% of the global DDoS attack volume. The APAC region accounted for almost 12% of global DDoS attacks.

Hacktivists Attack with Unrelenting…

Source…

Ransomware Spikes 130% in January – Digital Transactions


Already, 2024 is starting off with an unrelenting wave of ransomware attacks. The number of attacks last month, as registered by cybersecurity firm BlackFog, increased 130% from January 2023.

Cheyenne, Wyo.-based BlackFog says the 76 attacks noted this January are the second-highest it has ever recorded. The highest number came only in November, when nearly 90 attacks happened. The insidious nature of ransomware can mean companies pay to get their data decrypted by the criminals who scrambled it, and often have expensive follow-up actions to complete.

BlackFog’s data shows that the education sector, at 14, saw the most attacks followed by healthcare at eight and manufacturing at seven. Finance endured five attacks in January. The data also show that, in the past few months, ransomware attackers made a decided shift to small and mid-size organizations.

Most attacks still seek to extract data, with 91% of all ransomware having that goal, it says. The average ransom payout is $568,705, down 33% from the third quarter of 2023.

“We are now seeing extortion continue for years after the initial attack, even if the victim paid the initial ransom,” Darren Williams, BlackFog chief executive and founder, says in a statement. “There are so many ways to leverage data once it has been exfiltrated. Lastly, we see that China and Russia continue to dominate as the leading destinations for exfiltrated data, with 18% and 8% respectively.”

Organizations in the United States account for 57% of ransomware attacks, followed by the United Kingdom at 8%, and Singapore at 4%.

Source…

Securing high-value digital transactions improves customer satisfaction


Securing high-value digital transactions improves customer satisfaction | Security Magazine




Source…

Global Botnet Hijacks $500,000 In Crypto Transactions In Just One Year


A stealthy botnet that has infected computers in nearly 100 different countries is silently stealing cryptocurrency from its victims. From November 2020 to November 2021 it hijacked nearly $500,000.

The Phorpiex botnet has been operating since 2016 and is made up of hundreds of thousands of compromised devices. Back in 2019 it was grabbing headlines for an alarmingly successful sextortion email campaign that was raking in $20,000 a month for its criminal controllers.

Phorpiex also has the ability to steal cryptocurrency, which it does by “crypto-clipping.” In these attacks, malware on an infected device waits for cryptocurrency transactions to take place. When a transaction is detected, the malware clips the original destination wallet address and replaces it with one controlled by the attacker.

According to Check Point Research the Phorpiex crypto-clipper supports more than 30 different cryptocurrencies. Since April of 2016 Phorpiex has hijacked thousands of transactions and swiped around 38 Bitcoin and 133 Ether. At today’s exchange rates that works out to around $2.2 million in stolen cryptocurrency.

From last November until this November alone Phorpiex successfully clipped 969 transactions. Those attacks netted its controller(s) more than $650,000.

This summer, however, the botnet activity suddenly tailed off. In August one of its creators allegedly walked away from cybercrime and the other decided to sell the Phorpiex code to the highest bidder.

Whether or not a sale actually happened, Phorpiex was back a few weeks later with some new tricks. A new variant called Twizt emerged.

One of the biggest differences with Twizt is that the botnet is now able to communicate peer-to-peer. That means it’s not dependent on specific command and control servers. Infected hosts can send instructions to each other.

Twizt has also added a double-encrypted protocol for communication and new data integrity functions. Check Point researcher Alexey Bukhteyev says, “The emergence of such features suggests that the botnet may become even more stable and therefore, more dangerous.”

Security researchers had managed to take control of the…

Source…