Connect with us

TECHNOLOGY

Crypto-collapse, rising smart attacks: Kaspersky reports on DDoS in Q2

August 8, 2022 8:36 p.m.

During Q2 2022, Distributed Denial of Service (DDoS) attacks reached a new level as the share of smart attacks and average duration saw steep increases.

Compared to the previous year, the average duration of a DDoS attack rose 100 times, reaching 3,000 minutes. The share of smart attacks almost broke the four-year record, accounting for nearly 50% of the total. Experts also expect an increase in overall DDoS activity, especially with the recent collapse of cryptocurrency. These and other findings are part of a quarterly DDoS report issued by Kaspersky.

A Distributed Denial of Service (DDoS) attack is designed to hinder the normal functioning of a website or crash it completely. During an attack (which usually targets government institutions, retail or financial companies, media or other organizations) the victim loses customers due to the unavailability of their website and their reputation suffers.

From quantity to quality 

Compared to figures from Q2 2021, Kaspersky’s solutions defended its users against approximately 2.5 times more DDoS attacks. At the same time, in contrast to the beginning of the year with its dramatic surge in attacks due to hacktivist activity, absolute numbers decreased in Q2 2022. However, this does not mean that the DDoS market has cooled down, instead attacks have changed in quality, becoming longer and more complicated.

A comparative number of DDoS attacks: Q2 2022 and Q2 2021 as well as Q1 2022.

Data for Q2 2021 is taken as 100%

Average DDoS session lasted 100 times longer 

The average duration of an attack in Q2 2022 was 3,000 minutes, or two days. It’s 100 times longer than in Q2 2021, when an attack lasted just for 30 minutes on average. Compared to Q1 2022, which was marked with unprecedented durations for DDoS sessions as the result of hacktivist activity, the Q2 figure also shows an increase – by three times. 

Some of the attacks in the past quarter lasted for days or even weeks. A record was set by an attack with a duration of 41,441 minutes, which is just a little less than 29 days. 

A comparative duration of DDoS attacks: Q2 2022 and Q2 2021 as well as Q1 2022. 

Data for Q2 2021 is taken as 100%

“It is extremely expensive to continue an attack for such a long time, especially if it is ineffective due to being filtered by protection solutions. When bots are constantly active, the risk of botnet wear-off, node failure or control center detection increases. The extreme duration of these attacks and the growth in the number of smart and targeted DDoS attacks makes us wonder about the capabilities, professional affiliation and funding sources of the organizers,” comments Alexander Gutnikov, a security expert at Kaspersky.

Smart attacks strive for records

Every second attack in Q2 2022 detected by Kaspersky’s products was smart, meaning its organizers conducted rather sophisticated preparation. The share of smart attacks reached almost 50% in this quarter, which was nearly a new record. The all-time highest share was set four years ago when the DDoS market was in a slump, and it’s unexpected to observe figures that high during a “heated” year in terms of DDoS activity. 

The share of the smart DDoS attacks: Q2 2022, Q2 2021 and Q1 2022

What does the DDoS market have to do with cryptocurrency?

In terms of the number of DDoS attacks, the second quarter was quieter than the first. This is a common phenomenon: the experts usually see a decline in DDoS activity as summer nears. According to the Kaspersky DDoS Intelligence system, this year the dynamics of the number of DDoS attacks within the quarter didn’t match this typical pattern. After a slowdown at the end of Q1, botnet activity steadily grew throughout Q2, resulting in more activity in June than in April. This is consistent with the decline of cryptocurrency, which usually stimulates the heating of the DDoS market.

“The collapse of cryptocurrencies began with the plummet of the Terra (Luna) and has only been gaining momentum since. Various factors indicate that the tendency may continue: for example, cryptominers are selling off farms at low prices to gamers. This can lead to a surge in global DDoS activity,” Gutnikov explains.

Read more about DDoS attacks in Q2 2022 on Securelist.

To stay protected against DDoS attacks, Kaspersky’s experts recommend implementing the following measures:

  • Maintain web resource operations by assigning specialists who understand how to respond to DDoS attacks.
  • Validate third-party agreements and contact information, including those made with internet service providers. This helps teams quickly access agreements in case of an attack.
  • Implement professional solutions to safeguard your organization against DDoS attacks. For example, Kaspersky DDoS Protection combines Kaspersky’s extensive expertise in combating cyberthreats and the company’s unique in-house solutions.
  • Know your traffic. U
Continue Reading
Advertisement

Click to comment

Leave a Reply

Your email address will not be published.

TECHNOLOGY

Kaspersky reports more than 340, 000 attacks with new malicious WhatsApp mod

November 20, 2023 8:52 p.m.

Kaspersky researchers recently uncovered a new malicious WhatsApp spy mod, which is now proliferating within another popular messenger, Telegram.

While the modification serves its intended purpose by extending user experience, it also clandestinely harvests personal information from its victims. With an extensive reach surpassing 340,000 in just one month, this malware predominantly targets users who communicate in Arabic and Azeri, though victims have been identified globally.

Users often turn to third-party mods for popular messaging apps to add extra features. However, some of these mods, while enhancing functionality, also come with hidden malware. Kaspersky has identified a new WhatsApp mod offering not only additions like scheduled messages and customizable options, but it also contains a malicious spyware module.

The modified WhatsApp client’s manifest file includes suspicious components (a service and a broadcast receiver) not present in the original version. The receiver initiates a service, launching the spy module when the phone is powered on or charging. Once activated, the malicious implant sends a request with device information to the attacker’s server. This data covers IMEI, phone number, country and network codes, and more. It also transmits the victim’s contacts and account details every five minutes as well as being able to set up microphone recordings and exfiltrate files from external storage.

The malicious version found its way through popular Telegram channels, predominantly targeting Arabic and Azeri speakers, with some of these channels boasting nearly two million subscribers. Kaspersky researchers alerted Telegram about the issue. Kaspersky’s telemetry identified over 340,000 attacks involving this mod in just October. This threat emerged relatively recently, becoming active in mid-August 2023.


Examples of Telegram channels distributing malicious mods

Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt witnessed the highest attack rates. While the preference leans towards Arabic and Azerbaijani-speaking users, it also impacts individuals from the US, Russia, UK, Germany and beyond. 

Kaspersky products detect the Trojan with the following verdict Trojan-Spy.AndroidOS.CanesSpy.

“People naturally trust apps from highly followed sources, but fraudsters exploit this trust. The spread of malicious mods through popular third-party platforms highlights the importance of using official IM clients. However, if you need some extra features not presented in the original client, you should consider employing a reputable security solution before installing third-party software, as it will protect your data from being compromised. For robust personal data protection, always download apps from official app stores or official websites,” comments Dmitry Kalinin, security expert at Kaspersky.

To stay safe, Kaspersky experts recommend: 

  • Use Official Marketplaces: Download apps and software from reputable and official sources. Avoid third-party app stores, as the risk that may host malicious or compromised apps is higher.
  • Use reputable security software: Install and maintain reputable antivirus and anti-malware software on your devices. Regularly scan your devices for potential threats and keep your security software up to date. Kaspersky Premium protects its users from known and unknown threats. 
  • Educate yourself about common scams: Stay informed about the latest cyber threats, techniques, and tactics. Be cautious of unsolicited requests, suspicious offers, or urgent demands for personal or financial information. 
  • Third-party software from popular sources often comes with zero warranty. Keep in mind that such apps can contain malicious implants, e. g. because of supply chain attacks.
Continue Reading

TECHNOLOGY

Globe’s next-gen leaders delve into AI and humanity at International Design Conference

October 27, 2023 3:45 p.m.

Globe’s next generation leaders shared invaluable insights on the blend of Artificial Intelligence (AI) and the human experience at the 7th International Design Conference, an event that marked the 50th anniversary of the Design Center of the Philippines.

Returning with more disruptive design concepts and an immersive environment that encouraged attendees to rethink limits, the two-day conference, held in cooperation with Globe, unveiled the evolving landscape and transformative potential of design.

Design luminaries and game-changers from the design sector and the Philippine creative economy collaborated to captivate audiences with immersive keynote presentations, provocative fireside chats, inspiring case studies, future-focused visioning, and an industry meet-up.

Globe’s Wil Sarmiento, Director and Head of Customer Lifecycle, and Paolo Toledo, Director and Head of Creatives, stood out with their forward-thinking perspectives.  They joined world-renowned personalities such as award-winning design critic and author Alice Rawsthorn, program director of the Danish Design Centre Christina Melander; Sarah ichioka, founding director of Desire Lines; Dr. Anna Whicher, Policy Consultant of the “Making Design Count: The Value and Impact of Design on the Philippine Economy”; and Professor Daniela Bohlinger, Sustainability Design Pioneer.

Sarmiento, delivered a keynote that delved into the future skills in the age of human-machine collaboration, underscoring the potential of a symbiotic relationship that harnesses the strengths of both.

“Remember the value that you bring to the table: creativity, empathy, and the ability to change. AI will open doors that only humanity will be able to walk through,” he pointed out.

In a thought-provoking panel discussion led by Beth MacDonald, Chief People Officer of Biocellion SPC, Toledo, highlighted the intrinsic value of human intuition and design in an AI-driven world.

“Being human is the greatest design of all. While technology provides efficient solutions, it simply answers “what’s right” or “what’s needed”. BUT it’s us humans who trigger innovation and purpose. We hold the power to ask “what’s next?” and more importantly, “what for?” he said.

The International Design Conference, with its rich legacy of championing design innovation, is a thought leadership platform that celebrates the intersection of design, business, technology, and policy while thriving at the edge of disciplines to remain provocative and to use design and creativity to ask difficult questions and to take the audience to new territories.

Globe’s design leaders not only contributed to this dialogue but also illuminated the path forward, emphasizing a future where technology and human ingenuity seamlessly converge.

(Left) Paolo Toledo, Globe Head of Creatives; (Right) Wil Sarmiento, Globe Head of Customer Lifecycle

For more information about the International Design Conference and its key takeaways, please visit  www.facebook.com/DTI.DesignCenterPH.

To learn more about Globe, go to https://www.globe.com.ph/.

Continue Reading

TECHNOLOGY

LG honored with multiple awards for Innovative Product Design at IDEA 2023

September 4, 2023 3:11 p.m.

LG Electronics (LG) has once again been recognized for outstanding product design, earning 13 awards at the International Design Excellence Awards (IDEA) 2023, announced at the International Design Conference in New York, New York.

The LG PuriCare AeroTower, an air purifier that can also be used as a side table and mood lamp, was honored with a Bronze Award at yesterday’s conference. Offering personalized performance and design options, as well as a compact form factor, LG’s air purifier can be tailored to match any home interior and is ideal for smaller spaces. With its latest win, the LG PuriCare AeroTower has now been recognized by all three of the world’s top industrial design award programs: IDEA, the Red Dot Award and iF Design Award.

Another IDEA 2023 honoree, the LG OLED Flex (model LX3) is an innovative TV featuring the world’s first bendable 42-inch OLED screen. The LX3, which made its international debut at IFA last year, offers a new level of screen customizability – its self-lit display able to go from completely flat to spectacularly curved with the push of a button.

“The achievement from this year’s IDEA is the result of the synergy between customer experience-centered technology and aesthetics,” said Hwang Sung-gyul, head of the Design Management Center at LG Electronics. “We will continue to improve the level of perfection by reflecting innovative customer experiences beyond the existing framework in product design by constantly communicating and empathizing with customers.”

Organized annually by the Industrial Designers Society of America (IDSA), IDEA is one of the world’s leading design award programs, recognizing exceptional achievements in the area of industrial design while taking into consideration various factors relating to design strategy, digital interaction, the environment, and social impact, when selecting award recipients.

Life’s about more than having the latest technology, rather, it’s about the experiences technology creates that impact our lives. LG Electronics Philippines delivers consumer electronics through top-of-the-line home entertainment appliances that prepare Filipinos for their greatest moments. LG promises to bring “Innovation for a Better Life” nationwide – from Luzon, to Visayas, and Mindanao. LG products are available via lg.com/ph and through its flagship stores in Lazada and Shopee. For more information, visit and follow their social media channels on FacebookInstagramTiktok and Youtube (@lgphilippines).

Continue Reading