Massive shifts within the infostealer scene, novel assault vector towards iOS and Android, and a large surge in funding scams on social media
28 Feb 2025
•
,
1 min. learn
Typically, our telemetry information looks like the waters of a peaceful bay, with small, easy waves gently rocking the ships anchored there to sleep. Different instances, nevertheless, sturdy winds come and alter all the pieces, bringing towering waves and scattering the ships in every single place, reworking the terrain of the bay itself within the course of.
ESET Risk Report H2 2024 felt a bit like that. Main malware households have been taken down by regulation enforcement; cell gadgets noticed the start of a brand new, probably very engaging, assault vector concentrating on each iOS and Android; there was yet one more felony “crypto gold rush”; and deepfake scams flooded social media.
Within the first part of this newest ESET Analysis Podcast episode, ESET Distinguished Researcher Aryeh Goretsky and Safety Consciousness Specialist Ondrej Kubovič talk about the infamous primary infostealer Agent Tesla being changed by its outdated competitor Formbook, the takedown of Redline Stealer and Meta Stealer, and a brand new social engineering approach fueling the fast development of Lumma Stealer.
Additionally they take a better have a look at a novel assault vector that works for each Android and iOS gadgets, one that’s misusing applied sciences permitting cell customers to put in apps straight from web sites from cell browsers.
Within the ultimate a part of the H2 2024 episode, Aryeh and Ondrej additionally go over the booming numbers of funding scams on social media, detected as HTML/Nomani, describing the seems, social engineering, and impression of this fraudulent exercise.
If any of the subjects caught your curiosity, take heed to the most recent episode of the ESET Analysis podcast. If you happen to choose the “print” model, obtain the total H2 2024 report from the Risk Experiences part of WeLiveSecurity.com.
Mentioned:
- Infostealer shakeup 2:10
- A novel assault vector for iOS and Android 16:35
- Nomani scams 27:00
