Attackers are going to start using ready-made services that have improved detection avoidance features rather than building their own malicious samples. Separately, as a result of the increased rules that are being put on cryptocurrency marketplaces, criminal syndicates are going to migrate away from Bitcoin and look for alternative ways to transfer money. The research titled "Crimeware and Financial Cyberthreats in 2023" from Kaspersky contains these and other forecasts for the future.
It is no longer sufficient, in the opinion of the experts at Kaspersky, to look only at threats to traditional financial institutions; rather, it is preferable to assess financial threats as a whole. This is due to the fact that the threat landscape in the financial sector has been undergoing a dramatic transformation over the past few years. The market for cybercrime has been expanding at a rapid rate, and the vast majority of those who commit cyberattacks do so with the intention of making a financial benefit.
This year, the researchers at Kaspersky have made the decision to adapt their forecasts accordingly, broadening their scope to include both the development of criminal software and the emergence of financial cyberthreats.
Researchers at Kaspersky have made some noteworthy predictions for the year 2023 based on an analysis of the significant events and trends that shaped both the criminal threat environment and the financial threat landscape in 2022. Their most important forecasts are as follows:
Web3 will continue to gain traction thanks to the efforts of gamers and other entertainment industries, but so will efforts to undermine it.
As the use of cryptocurrencies becomes more widespread, the number of fraudulent cryptocurrency transactions also rises. However, consumers are now lot more aware of bitcoin and are not going to fall for unsophisticated schemes such as the questionable cryptocurrency scheme that went viral and featured a video with a deepfake "Elon Musk." Cybercriminals will keep attempting to steal money from individuals by employing phony initial coin offerings (ICOs) and network-forked tokens (NFTs), as well as other types of cryptocurrency-based financial fraud. In addition to the abuse of smart contracts that have vulnerabilities, criminals will employ and develop increasingly sophisticated means in order to spread their illegal activities.
On the dark web market, malware loaders are poised to become the most sought-after commodities.
There are several actors, each of whom possesses their own virus; nevertheless, this is not sufficient on its own. It used to be the case that samples were entirely made up of ransomware. But when ransomware has a variety of modules, it becomes much simpler for the threat to elude detection. As a direct consequence of this, attackers are now spending a much increased amount of attention to downloaders and droppers, both of which have the ability to elude detection. This has become a major commodity in the Malware-as-a-Service industry, and there are already favorites among cybercriminals on the darknet, such as the Matanbunchus downloader. One such example is the Malware Distribution and Analysis Center (MDA). When it comes to malicious loader development in 2023, the primary focus will be on stealth execution as well as the circumvention of EDRs.
Cybercriminals will use a greater number of newly developed frameworks for penetration testing.
While various vendors develop and improve penetration testing frameworks for the purpose of protecting companies, such as Brute Ratel C4 and Cobalt Strike, crimeware actors are expected to use these frameworks significantly more actively for illegal activities. Cybercriminals will increasingly use frameworks for their own malicious purposes, and this trend will occur concurrently with the development of new penetration tools.
Bitcoin's role as a medium of exchange for money will become less important in ransomware discussions and payments.
As sanctions on ransomware payments continue to be issued, markets become more regulated, and technologies improve at tracking the flow and sources of Bitcoin (and sometimes clawing back transactions that are too conspicuous), cybercriminals will rotate away from using this cryptocurrency and toward other forms of value transfer.
In the case of ransomware, criminal organizations will prioritize destructive activity over financial gain.
In light of the fact that geopolitics are increasingly capturing the attention not only of the general public but also of cybercriminals, it is reasonable to anticipate that ransomware groups will demand some form of political action as an alternative to asking for ransom money. Freeud, a brand-new ransomware with wiper capabilities, is a good illustration of this phenomenon.
According to Marc Rivero, senior security researcher at Kaspersky's Global Research and Analysis Team, "We are predicting two major scenes inside the ransomware landscape in the upcoming year." "One of them will be the use of destructive ransomware with the unique purpose of resource destruction and the impact of what we call "regional attacks," in which certain families only impact certain regions. This will be one of the things that we will see. For example, the landscape of mobile malware has undergone significant change in the Latin American region, allowing it to circumvent the security measures taken by banks, such as one-time passwords and multi-factor authentication. Malware-as-a-service is another important thing to keep an eye on because this kind of underground service is frequently found in conjunction with ransomware attacks that affect larger organizations.
Securelist provides access to additional details and information regarding these forecasts.
These financial forecasts are a part of Kaspersky's Vertical Threat Predictions for 2023, which is a part of the Kaspersky Security Bulletin (KSB), which is an annual series of forecasts and analytical reports on key shifts in the world of cybersecurity. Kaspersky's Vertical Threat Predictions for 2023 is one of the segments of the Kaspersky Security Bulletin (KSB).
Please follow the link provided above to review what the Kaspersky experts anticipated would happen in 2022.
Kaspersky is a global company that was founded in 1997 and specializes in cybersecurity and digital privacy. Deep threat intelligence and security expertise are constantly being transformed by Kaspersky into innovative security solutions and services to protect consumers, businesses, critical infrastructure, and governments all over the world. The extensive security offerings provided by the company include industry-leading endpoint protection as well as a variety of specialized security solutions and services designed to defend against increasingly complex and pervasive online dangers. Over 400 million users are protected by Kaspersky technologies, and we assist 240,000 corporate customers in protecting what is most important to them and their business.