FutureFive New Zealand
Consumer technology news from the future

Rise in hacking tool downloads as cybercrime becomes 'more organised than ever'

By Shannon Williams
Wed 28 Jul 2021

There has been a significant increase in the frequency and sophistication of cybercrime activity, including a 65% rise in the use of hacking tools downloaded from underground forums and filesharing websites from H2 2020 to H1 2021, according to the latest global Threat Insights Report from HP.

The researchers noted hacking tools in wide circulation were surprisingly capable. For example, one tool can solve CAPTCHA challenges using computer vision techniques, namely optical character recognition (OCR), in order to perform credential stuffing attacks against websites. 

More broadly, the report found that cybercrime is more organised than ever, with underground forums providing a perfect platform for threat actors to collaborate and share attack tactics, techniques and procedures.

"The proliferation of pirated hacking tools and underground forums are allowing previously low-level actors to pose serious risks to enterprise security," says Dr. Ian Pratt, global head of security, Personal Systems, HP Inc. 

"Simultaneously, users continue to fall prey to simple phishing attacks time and time again. Security solutions that arm IT departments to stay ahead of future threats are key to maximising business protection and resilience," he says.

Notable threats isolated by HP Wolf Security included:

  • Cybercriminal collaboration is opening the door to bigger attacks against victims: Dridex affiliates are selling access to breached organisations to other threat actors, so they can distribute ransomware. The drop in Emotet activity in Q1 2021 has led to Dridex becoming the top malware family isolated by HP Wolf Security.
  • Information stealers delivering nastier malware: CryptBot malware, historically used as an infostealer to siphon off credentials from cryptocurrency wallets and web browsers, is also being used to deliver DanaBot, a banking trojan operated by organised crime groups.
  • VBS downloader campaign targeting business executives: A multi-stage Visual Basic Script (VBS) campaign is sharing malicious ZIP attachments named after the executive it's targeting. It deploys a stealthy VBS downloader before using legitimate SysAdmin tools to live off the land, persisting on devices and delivering malware.
  • From application to infiltration: A résumé-themed malicious spam campaign targeted shipping, maritime, logistics and related companies in seven countries (Chile, Japan, UK, Pakistan, US, Italy and the Philippines), exploiting a Microsoft Office vulnerability to deploy the commercially-available Remcos RAT and gain backdoor access to infected computers.

The findings are based on data from HP Wolf Security, which tracks malware within isolated, micro-virtual machines to understand and capture a full infection chain and help to mitigate threats. By better understanding the behaviour of malware in the wild, HP Wolf Security researchers and engineers are able to bolster endpoint security protections and overall system resilience.

"The cybercrime ecosystem continues to develop and transform, with more opportunities for petty cybercriminals to connect with bigger players within organised crime, and download advanced tools that can bypass defenses and breach systems," says Alex Holland, senior malware analyst, HP.

"We are seeing hackers adapt their techniques to drive greater monetisation, selling access on to organised criminal groups so they can launch more sophisticated attacks against organisations," he says. 

"Malware strains like CryptBot previously would have been a danger to users who use their PCs to store cryptocurrency wallets, but now they also pose a threat to businesses. 

"We see infostealers distributing malware operated by organized criminal groups who tend to favour ransomware to monetise their access."

Other key findings in the report include:

  • 75% of malware detected was delivered via email, while web downloads were responsible for the remaining 25%. Threats downloaded using web browsers rose by 24%, partially driven by users downloading hacking tools and cryptocurrency mining software.
  • The most common email phishing lures were invoices and business transactions (49%), while 15% were replies to intercepted email threads. Phishing lures mentioning COVID-19 made up less than 1%, dropping by 77% from H2 2020 to H1 2021.
  • The most common type of malicious attachments were archive files (29%), spreadsheets (23%), documents (19%), and executable files (19%). Unusual archive file types such as JAR (Java Archive files) are being used to avoid detection and scanning tools, and install malware that's easily obtained in underground marketplaces.
  • The report found 34% of malware captured was previously unknown, a 4% drop from H2 2020.
  • A 24% increase in malware that exploits CVE-2017-11882, a memory corruption vulnerability commonly used to exploit Microsoft Office or Microsoft WordPad and carry out fileless attacks.

"Cybercriminals are bypassing detection tools with ease by simply tweaking their techniques," Holland says. 

"We saw a surge in malware distributed via uncommon file types like JAR files, likely used to reduce the chances of being detected by anti-malware scanners," he says.

"The same old phishing tricks are reeling in victims, with transaction-themed lures convincing users to click on malicious attachments, links and web pages."

Pratt concludes, "As cybercrime becomes more organised, and smaller players can easily obtain effective tools and monetise attacks by selling on access, there's no such thing as a minor breach.

"The endpoint continues to be a huge focus for cybercriminals. Their techniques are getting more sophisticated, so it's more important than ever to have comprehensive and resilient endpoint infrastructure and cyber defense," he says.

"This means utilising features like threat containment to defend against modern attackers, minimising the attack surface by eliminating threats from the most common attack vectors: email, browsers, and downloads."
 
