Crooks are getting smarter and more advanced in their tactics to scam corporate executives, but it isn’t because of advancements in technology such as ChatGPT. That is according to security researchers at Kaspersky who spoke with The Register during the RSA Conference.
Rather than malware and automated functions, social engineering is what is being used to break into networks, fooling their victims into granting access to accounts and data. Excecutives are being tricked by attackers who are studying the way their victims communicate with one another and crafting messages to appear authentic and believable.
The Kaspersky Global Research and Analysis Team released their quarterly summary of advanced persistent threat (APT) trends for the first quarter of 2023. The research revealed an increase in social engineering lures and some new malware implants on the scene. The most noteworthy of which is the Rust-based JLORAT implant being used by the Russian-speaking Tomiris group.
The “false-flag” attack where it appears that Russia-based Turla group may have been collaborating with Tomiris was also discovered. A false-flag is a form of deception that makes an attack seem like it is coming from a country/source other than the one actually responsible.
Another interesting observation is that many of these threats are now being written in newer programming languages like Go and Rust. This helps the miscreants to make the code harder to analyze and attribute attacks.
Finally, the latest quarter saw a TargetPlug in-memory implant used by suspected Chinese-speaking attackers to target game developers in South Korea, which was linked to the threat actor Winnti.
Overall, it appears to be an upward trend in malicious actors using more advanced techniques and techniques to try and scam their victims.
Dan Demeter, a senior security researcher at Kaspersky, is an expert on cybercrime and has been featured on many media outlets for his knowledge and experience. He has years of experience in the cybersecurity field and a track record of delivering impressive results.
Marco Preuss, Deputy Director of Kaspersky’s Global Research and Analysis Team, is another expert in the field. He has written extensively on social engineering and its ability to bypass common security measures. He believes that to fight this kind newer techniques, it is important for companies and organizations to stay up to date on the latest cyber threats.
Kaspersky is an international cyber security firm that provides advanced threat protection solutions and services to a wide range of businesses and organizations. They use groundbreaking technologies to give their clients the best security protection they can get and allow them to stay ahead of the curve when it comes to defending against cyber threats.