October 2022

In T2 2022, ESET researchers saw the continuation of the sharp decline of Remote Desktop Protocol (RDP) attacks, which likely continued to lose their steam due to the Russia-Ukraine war, along with the post-COVID-19 return to offices and overall improved security of corporate environments.

Apart from that, ESET’s research team also uncovered a previously unknown macOS backdoor and later attributed it to ScarCruft, discovered an updated version of the Sandworm APT group’s ArguePatch malware loader, uncovered Lazarus payloads in trojanized apps, and analyzed an instance of the Lazarus Operation In(ter)ception campaign targeting macOS devices while spearphishing in crypto-waters.

In terms of threats mostly impacting home users, a sixfold increase in detections of shipping-themed phishing lures has been observed, most of the time presenting the victims with fake DHL and USPS requests to verify shipping addresses. These are just a sneak peak of what the ESET Threat Report T2 2022 can offer in terms of the latest expert insights from the field of contemporary cybersecurity.