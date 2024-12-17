ESET 2024 Threat Report outlines the year's top risks

If you’ve encountered any social media scams this year, you’re not alone. The ESET 2024 threat report has revealed investment and crypto scams are dominating the digital landscape, alongside ransomware and infostealers -despite law enforcement's best efforts.

Most social media users will probably have noticed a serious rise in the number of scams this year, and especially in ‘investment opportunities’ targeting hopeful crypto entrepreneurs. Criminals are increasingly using deepfakes and AI generated content, often featuring celebrity images to legitimize the brand.

The primary goal of these scams is to harvest data from victims, and encourage them to invest money into fraudulent products and schemes, even going as far as to create fake testimonials, adverts, and positive reviews on X (formerly Twitter) and YouTube, in order to seem authentic - so be skeptical of any online endorsements.

Filling Lockbit’s shoes

Elsewhere in 2024, the infamous Lockbit disruption has left a vacuum which is being filled by new and existing groups. RansomHub stepped up to the challenge, and has claimed almost 500 victims so far, including Kawasaki and Halliburton. Although Lockbit is rebuilding its infrastructure, its reputation has taken a hit, and the group has struggled to recruit skilled hackers into its ranks.

There’s also been some upheaval in the infostealer arena, with huge players RedLine and Meta taken down by Dutch authorities in October of this year. As a result of this, competitor Lumma stealer has become more popular than ever, seeing a 368% increase in the second half of 2024.

One of the top malware players, Agent Tesla, has seen a 26% decrease in detections in the second half of the year. This doesn’t mean malware is on the decline though, as Formbook saw a resurgence, even hitting 7,000 detections in one day.

The cyberthreat landscape is fickle and unpredictable. Law enforcement have seen some important victories this year, but inevitably any disrupted groups are soon replaced by their competitors.

“The second half of 2024 seems to have kept cybercriminals busy finding security loopholes and innovative ways to expand their victim pool, in the usual cat-and-mouse game with defenders.” said ESET Director of Threat Detection Jiří Kropáč.