Positive Technologies: Most attacks on Middle Eastern individuals involve spyware
Positive Technologies studied attacks on individuals in Middle Eastern countries between 2022 and 2023.
Malware was used in 70% of successful attacks. More than half of these attacks involved spyware. The vast majority of attacks used social engineering techniques.
In 20% of phishing campaigns, the attack was multi-pronged, exploiting multiple social engineering channels simultaneously.
According to Positive Technologies, cybercriminals employed malware in seven out of 10 successful attacks on individuals in the Middle East region.
More often than not, the attackers infected users’ devices with spyware (three out of five malware attacks).
This malware collects information from the infected device and then passes it on to the attacker.
Depending on the task, spyware can steal personal and financial data, user credentials, and files from the device’s memory.
Positive Technologies Information Security Research Analyst Roman Reznikov, said: “By using spyware, attackers can compromise not only personal and payment information and personal accounts, but also corporate credentials, network connection information, and other sensitive data.
“The stolen data is then sold on the dark web forums. As a result, a skilled attacker can gain access to an organization and carry out a successful attack, leading to non-tolerable consequences: disruption of technological and business processes, theft of funds, leakage of confidential information, attacks on customers and partners.”
In the vast majority (96%) of successful attacks on individuals in Middle Eastern countries, social engineering techniques were employed.
Most often, these were mass attacks in which the criminals aimed to reach the maximum number of victims.
To achieve this, they actively leveraged current news about significant global and regional events, including the 2022 FIFA World Cup.
In every fifth (20%) phishing campaign, the attack was multi-pronged, exploiting multiple social engineering channels simultaneously.
Criminals led the victims through several steps until the device was infected and data were stolen.
For instance, users could be lured through social media accounts that contained links to a messenger channel from which the victim would install a malicious programme.
The company’s report contains information about recent information security threats impacting individuals in the Middle East region, based on Positive Technologies’ expertise, as well as data from reputable sources.
The study focuses solely on successful cyberattacks or incidents negatively affecting individuals.
The report covers incidents in Bahrain, Egypt, Israel, Jordan, Iraq, Iran, Yemen, Qatar, Cyprus, Kuwait, Lebanon, UAE, Oman, Palestine, Saudi Arabia, and Syria.
One of the reasons for the success of social engineering is the numerous data leaks from various organisations.
At least 63% of successful attacks on individuals in the region resulted in leaks of confidential information.
Most stolen information comprised personal data (30%) and account credentials (30%).
Cybercriminals were also interested in payment card data (10%) and user correspondence (8%).
On the dark web, malicious actors sell information about users and also provide stolen data archives for free.
Criminals use the compromised information in subsequent attacks on users.
For example, a successful attack on a bank could result in fraudulent actions against its customers.
Cybersecurity experts recommend that users follow cyber-hygiene rules.
Companies also need to ensure the security of employee and customer data. Data breaches cause reputational and financial damage and put at risk users whose information has been compromised.
To maintain cyber-resilience, it is essential to regularly assess the effectiveness of security measures and pay special attention to verifying non-tolerable events.
