Malware disguised as meeting apps spiked by 1067%

Issue 2 2021 Cyber Security

The COVID-19 pandemic forced the majority of people to move their work to their homes, which meant an unprecedented increase in online meeting application usage. Criminals did not overlook this fact and started to distribute malware using popular meeting applications as a lure.

Atlas VPN analysis reveals that cyber threats disguised as videoconferencing applications jumped by 1067% in a year. The data analysed was provided by Kaspersky.

Threat actors spread these malicious files through phishing emails or websites. Fraudsters create seemingly authentic emails and websites to lure victims into downloading the installer, which comes with a hidden bonus called malware.

In March 2020, the anti-virus provider detected 90 000 malicious installers hidden under the name of popular meeting applications, while in February 2020, the number jumped to 1.05 million, representing a 1067% increase.

Most threats were detected in January 2021, when victims encountered 1.15 million cyber threats.

The most popular applications used to disguise malware are Zoom, MS Teams, Slack, Webex, HighFive, Lifesize, Join.me, Flock, GotoMeeting.

Cybersecurity practices for 2021

While the applications used to disguise malware might have changed, the security steps to protect yourself against instructions remain the same. What changed is how vigilant you should be online because of the record-high hacker activity.

There are countless little tricks that fraudsters can use to dupe you into clicking on a phishing link or downloading an attachment. As a rule of thumb, simply decide to ignore all email attachments and links until you confirm with your colleagues, friends, or Google search that a particular company is indeed sending out such emails.

You might be tempted to skip on checking a particular email closely because your favourite restaurant is offering a great discount that is only available for the next 24 hours, but that is exactly what the criminal aims to achieve by including time-sensitive offers.

Scam websites also reached unprecedented levels in the past year. Google detected a record-high 2.11 million phishing sites in 2020. Looking at the last decade year-by-year, the volume of phishing portals grew by 43% on average.

“These websites pretend to be legitimate so that they can trick users into typing in their usernames and passwords or sharing other private information. Web pages that impersonate legitimate bank websites or online stores are common examples of phishing sites,” explains Google’s Transparency Report.

Once again, whenever you are directed to a website from any link or form, be it Google Ads, email link, or an apparent message from a friend, you should proceed with caution.

Finally, a huge red flag should also go up if you are browsing a well-known website and detect spelling or grammatical errors. Hackers rarely hire professional writers to proofread their texts, which makes this an obvious clue to detect a phishing site.

Source: https://atlasvpn.com/blog/malware-disguised-as-meeting-apps-spiked-by-1-067-in-12-months




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

More is less in cybersecurity
Issue 2 2021 , Cyber Security
Post-pandemic paradox: more solutions do not bring better protection. Despite 80% of organisations running up to 10 different protection and cybersecurity solutions simultaneously, more than 50% of them experienced downtime from data loss last year.

Read more...
Ransomware and Microsoft Exchange Server attacks are surging
Issue 2 2021 , Cyber Security
Check Point Research sees global surges in ransomware attacks, alongside increases in cyberattacks targeting Microsoft Exchange Server vulnerabilities at a time where CISA has raised the alarm about ransomware attacks against Microsoft Exchange servers.

Read more...
The realities of AI in cybersecurity: catastrophic forgetting
Issue 2 2021 , Cyber Security
There is a lot of hype about the use of artificial intelligence (AI) in cybersecurity. The truth is that the role and potential of AI in security is still evolving and often requires experimentation and evaluation.

Read more...
Cyber makes it secure
Issue 2 2021 , Cyber Security
Stas Protassov, Acronis co-founder and technology president comments on the recent hacking of over 150 000 Verkada surveillance cameras.

Read more...
Security patches are not a plan
Issue 2 2021, Galix Group , Cyber Security
Patches are undoubtedly an essential component of a cybersecurity strategy, but with the current digital landscape, with many employees continuing to work from home, patches alone are not sufficient.

Read more...
Sophos unveils XGS firewall appliances
Issue 2 2021 , Cyber Security
Sophos unveils XGS firewall appliances with optimised Transport Layer Security (TLS) inspection in light of new research that identifies a surge in cybercriminals using TLS to carry out attacks.

Read more...
Kaspersky reveals five ways ransomware gangs play today
Issue 2 2021 , Cyber Security
] Over the past few years, the methods cybercriminals use to distribute ransomware has changed dramatically. While a few years ago, they would spread encrypted files on a large scale, today their ransomware attacks have become more focused.

Read more...
Safe, friction-free user interactions
Issue 2 2021 , Cyber Security
F5 announced the addition of new SaaS products to its application security portfolio: Device ID and Shape Recognize make use of unique data and analytics capabilities, streamlining customer experiences by removing login friction for users while guarding against fraud.

Read more...
Educating remote workers on cybersecurity
Issue 2 2021, J2 Software , Cyber Security
Cybercriminals have shifted their focus to vulnerable employees who now work from home and use personal Internet connections, requiring more education of remote workers on cybersecurity and better computer safety practices or risk having their data compromised.

Read more...
Healthcare, cybersecurity and the COVID-19 vaccine supply chain
Issue 2 2021 , Cyber Security
Understanding why the COVID-19 vaccine supply chain is being targeted and how to protect against such attacks is vital for IT leaders who understand that healthcare and cybersecurity must now go hand-in-hand.

Read more...