A view of the Q1 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The first quarter of 2020 was, without a doubt, defined by the outbreak of COVID-19 – now a pandemic that has put much of the world under lockdown, disrupting people’s lives in unprecedented ways.
In the face of these developments, many businesses were forced to swiftly adopt work-from-home policies, thereby facing numerous new challenges. The soaring demand for remote access and videoconferencing applications has attracted cybercriminals who quickly adjusted their attack strategies to profit from the shift.
Cybercriminals also haven’t hesitated to exploit public concerns surrounding the pandemic. In March 2020, we saw a surge in scam and malware campaigns using the coronavirus pandemic as a lure, trying to capitalize on people’s fears and hunger for information.
Even under lockdown, our analysts, detection engineers and security specialists continued to keep a close eye on this quarter’s developments. Some threat types – such as cryptominers or Android malware – saw a decrease in detections when compared with the previous quarter; others – such as web threats or stalkerware – were on the rise. Web threats in particular have seen the largest increase in terms of overall numbers of detections, a possible side effect of coronavirus lockdowns.
The researchers in ESET’s Research Labs also did not stop investigating threats – Q1 saw them dissect obfuscation techniques in Stantinko’s new cryptomining module; detail the workings of advanced Brazil-targeting banking trojan Guildma; uncover new campaigns by the infamous Winnti Group and Turla; and uncover Kr00k, a previously unknown vulnerability affecting the encryption of over a billion Wi‑Fi devices.
Before lockdowns became the new normal, experts from ESET Research Labs were sharing their insights at security conferences and events around the world. In February, they unveiled the Kr00k vulnerability research and led a workshop for hunting Linux malware at RSA Conference 2020, and presented two talks at BlueHat IL.
Follow ESET research on Twitter for regular updates on key trends and top threats.