Avast report reveals rise in AI-powered cyberattacks & scams

The Q1 Threat Report from Avast has identified a rise of AI usage in cyberattacks, including deepfakes, AI-manipulated audio, and hijacked social media. The report discloses that almost 90 percent of cyberthreats now involve social engineering, where the recipient is manipulated, and warns of a substantial surge in scams involving deepfake video and audio technology. It also reveals that YouTube is frequently used as a platform for circulating malware and that 'Malware as a Service (MaaS)' has become a burgeoning business opportunity for cybercriminals.

Scams, phishing, and malvertising have been identified as 90 percent of all threats on mobile devices and 87 percent of hazards on desktop in 2024, based on the Avast Threat Report findings. The research also brings to light the increased adoption of advanced tactics by scammers like deepfake technology, AI-manipulated audio synchronisation, and hijacking popular social channels such as YouTube for fraudulent content distribution.

While all social media platforms are ripe for scams, Avast telemetry suggests that YouTube has emerged as a significant crime channel. The company had to protect 4 million unique users against threats on YouTube in 2023 and approximately 500,000 from January to March 2024. Automated advertising systems meshed with user-generated content pave a smooth passage for cybercriminals to sidestep regular security measures. This makes YouTube a powerful launchpad for phishing and malware deployment. Cybercriminals employ a range of videos, including stock footage or elaborate deepfakes, and exploit famous individuals and significant media events to attract large audiences and make their threats credible.

One method that YouTube allows is aiding Traffic Distribution Systems (TDS), which guide users to malicious sites and support a range of scams. Scammers, for example, send personalised emails to YouTube creators proposing fake collaboration opportunities or upload videos with descriptions holding malicious links. They also catch hold of YouTube channels via phishing or malware and modify these channels to promote scams. Such scams often involve fake giveaways demanding an upfront deposit from viewers. In addition, attackers manufacture websites that mimic reputable companies and offer illegal downloadable software. Criminals post tutorial videos or offers for cracked software to lure people into downloading malware disguised as valuable tools.

A worrying trend highlighted in the report is the rise in 'Malware-as-a-Service' (MaaS) businesses. These illicit enterprises have taken advantage of the upswing in scams, presenting a new profitable venture for cybercriminals. Organised crime groups employ this model to hire smaller-scale criminals who are interested in making fast money by spreading malware on their criminal group’s behalf. In return, these criminals can purchase the malware, subscribe to it, or partake in a commission-style partnership.

Despite all this, the most common malware used in MaaS is still information stealers, which continue to find novel distribution channels, such as Microsoft Teams, using phishing. Jakub Kroustek, Malware Research Director at Gen, states, "In the first quarter of 2024, we reported the highest ever cyber risk ratio – meaning the highest probability of any individual being the target of a cyberattack...Unfortunately, humans are the weakest link in the digital safety chain, and cybercriminals know it. They pray on human emotions and the quest for knowledge to infiltrate people’s lives and devices for financial gain."