Flubot malware, botnets, phishing round out top security issues plaguing Kiwis in Q3
Malware and scams continue to plague thousands of New Zealanders, laying $3.3 million to waste in just three months.
CERT NZ released its Q3 Quarterly Report this week, bringing the total to 2,072 reports between 1 July and 30 September. There was a 53% rise in the number of cases reported to the agency compared to Q2.
Of these reports, 1,071 related to phishing or credential harvesting; 488 related to scams and fraud; 225 related to unauthorised access; and 151 related to malware. Website compromise; ransomware; suspicious network traffic; denial of service; botnet traffic; C-C server hosting, and 'others' rounded out the top incident report categories.
However, direct financial losses from security incidents have dropped slightly to $3.3 million, down from $3.9 million in Q2. While these are still staggering numbers, there is a marked improvement from the $6.4 million lost in Q3 last year. In total, 52% of incidents reported losses of below $500, while seven incidents involved losses of more than $100,000.
CERT NZ highlights a rise in malware attacks compared to the previous period (up from 32 reports in Q2 to 151 reports in Q3). Director Rob Pope says attacks are getting more sophisticated, pointing to the FluBot malware as a prime example. The FluBot malware is spread via text messages. When a user with an Android phone clicks the link inside the text message, the malware is installed.
The agency explains, "Once the malicious application is installed it can extract data from the phone, like credit card and banking details. It also automatically redistributes the text message to contacts it has stolen from other infected devices. Once the message is sent, the phone blocks the number so the recipient cannot respond to avoid raising any suspicion with the sender.
The malware was also evolving as it conducted its attacks. As a result, Pope says, "the messages were changing as fast as we could report on them.
Graphic supplied by CERT NZ.
While tech support calls never disappeared from the threat landscape, they seem to be putting more pressure on New Zealanders, who are reporting more cases. There were 72 reports in Q3, up from 45 in the previous quarter.
The report also suggests a rise in the number of distributed denial of service (DDoS) attacks conducted via botnets. Botnets are large groups of compromised IoT devices such as sensors, internet-connected cameras, and even internet routers.
"By simply changing the default passwords that come with the device and updating the software, you can keep your new toys out of the hands of attackers. And if your device doesn't really need to be connected to the internet, disconnect it," says Pope.
You can report cybersecurity incidents to CERT NZ by visiting https://www.cert.govt.nz/individuals/report-an-issue/ or phoning 0800 CERT NZ, Monday to Friday, 7:00 am – 7:00 pm.