August 02, 2023 01:11 pm | Updated 01:48 pm IST

The emergence of new Advanced Persistent Threat (APT) actors, the use of updated tool kits, and the creation of new malware variants along with the adoption of fresh techniques by cybercriminals were found to be the key trends in the cybersecurity landscape in Q2 2023.

New threat actors belonging to the ‘Elephants’ family and operating in the Asia-Pacific region, dubbed “Mysterious Elephant”, were found using new backdoor families to target victims. These backdoor families were found to be capable of executing, on the infected system, files and commands received from a malicious server, a report from Kaspersky said.

Threat actors were also found to be constantly improving their techniques, with Lazarus, a cybercrime group, upgrading its MATA framework, which is a multiplatform targeted malware framework.

BlueNoroff, a financial attack-focused subgroup of Lazarus, was found to be using new delivery methods and programming languages, including the use of Trojanized PDF readers in recent campaigns, the implementation of macOS malware, and the Rust programming language, the report said.

Additionally, ScarCruft, another APT group, was found to have developed new infection methods that evade Mark-of-the-Web (MOTW) security mechanisms, posing new challenges for cybersecurity professionals.

The report also highlighted geopolitical factors driving APT activity. While being geographically dispersed, attacks by APT groups were found to be concentrated in Europe, Latin America, the Middle East, and various parts of Asia.

Cyber espionage, with a geopolitical backdrop, continued to be a dominant agenda for these endeavors, the report said.

While some threat actors were found to stick to familiar tactics like social engineering, others evolved, refreshing toolsets and expanding their activities. New actors were also found to be using previously unknown iOS malware to conduct zero-click iMessage exploits, David Emm, principal security researcher at Kaspersky’s Global Research and Analysis Team (GReAT), said.

“Kaspersky has been monitoring all the active APT actors in the region that infect mobile devices and are slowly targeting businesses and infrastructure,” Adrian Hia, Managing Director for APAC at Kaspersky, said.