Friday, November 22, 2024
Friday, November 22, 2024
- Advertisement -

AI-driven cybercrimes soar amid clampdown in first half of 2024

LockBit still tops the list of ransomware families with the highest file detections during the first half

Must Read

- Advertisement -
- Advertisement -
  • Banking institutions were hit hardest by ransomware attacks in the first half of 2024, followed closely by technology sector.
  • Trend Micro’s report highlights resilience of threat actors.

Trend Micro warned that threat actors have bounced back from recent law enforcement efforts to unleash a new wave of attacks leveraging AI and other techniques.

As per Trend Micro’s first half report, malicious actors remains acute despite successful law enforcement actions against LockBit (Operation Cronos), dropper malware networks (Operation Endgame), and unsanctioned use of Cobalt Strike (Operation Morpheus).

LockBit is widely recognised as the world’s most prolific and harmful ransomware, causing billions of euros worth of damage and has even developed a new variant, LockBit-NG-Dev.

The Department of Justice joined the United Kingdom and international law enforcement partners in February this year and announced the disruption of the LockBit ransomware group.

No time for complacency

The partners disrupted LockBit’s operations by seizing numerous public-facing websites used by LockBit to connect to the organisation’s infrastructure and seizing control of servers used by LockBit administrators, thereby disrupting the ability of LockBit actors to attack and encrypt networks and extort victims by threatening to publish stolen data.

In addition to the seizing of technical infrastructure, the law enforcement operations around LockBit also include arrests in Poland, Ukraine, and the US, as well as sanctions for two alleged members of the group who are based in Russia. The group has members spread around the world, the officials said.

Tony Lee, Head of Consulting at Trend Micro Hong Kong and Macau, said that Trend Micro blocked over 75.9 billion threats for customers in the first half of the year, but there’s no time for complacency.

“As malicious actors begin to embrace AI as a tool, industry must respond in kind, by designing security strategies to take account of evolving threats. This is an arms race we can’t afford to lose.”

A big cause of concern, he said is criminal use and abuse of AI.

Deepfake offerings rise

During Operation Cronos, Trend Micro analysed an in-development LockBit sample with a completely new code base – LockBit-NG-Dev (where NG stands for “new generation”). Based on Trend Micro’s analysis, LockBit-NG-Dev is written in .NET, is compiled using CoreRT, and is believed to be platform-agnostic.

Trend Micro has observed threat actors hiding malware in legitimate AI software, operating criminal LLMs, and even selling jailbreak-as-a-service offerings.

The latter enable cybercriminals to trick generative AI bots into answering questions that go against their own policies—primarily for developing malware and social engineering lures.

Also in the first half, cybercriminals have been ramping up deepfake offerings to carry out virtual kidnapping scams, conduct targeted BEC-type impersonation fraud, and bypass KYC checks. Trojan malware has been developed to harvest biometric data to help with the latter.



Sign up to receive top stories every day

- Advertisement -

Latest News

Locad raises $9m to spread wings into UAE and Saudi Arabia

Locad new funding will also be used to enhance Locad's AI-driven smart logistics capabilities.

UAE stands at helm of tech-driven banking revolution in Mideast

UAE commands major portion of region’s $3.2tr banking assets and aims at establishing a global benchmark.

India takes regulatory action against WhatsApp and fines $25.4m

CCI directes WhatsApp to cease sharing of user data with other applications owned by Meta Platforms
- Advertisement -
- Advertisement -

More Articles

- Advertisement -