G DATA CyberDefense AG | Press Center
  • Press releases
    • Press Releases
  • Media
    • Logo
  • Contact
Go
  •  0
    • 0 Files in Lightbox
  • EN
    • Deutsch
    • English
    • Nederland
G DATA Presse Center

Terms of use

Welcome to the G DATA CyberDefense newsroom.
We look forward to supporting you with your reporting and are always at your disposal for questions and comments.

Please mind our terms of use.

In summary, it is about the following: We ask you primarily to observe copyright and usage rights and not to use the content available in the newsroom for advertising purposes. If you want to use content from the newsroom for purposes other than non-advertising, journalistic purposes, please contact us at presse@gdata.de.

A service for publicists

The content available here is made available to you by G DATA Cyberdefense AG, Königsallee 178, D-44799 Bochum for journalists and other media professionals.

In the G DATA CyberDefense newsroom you have access to texts, images, sound and film material (content). By using the newsroom, you assure that you will use the content and materials offered exclusively for the purpose of your journalistic work. The content provided is free to use.

Right of Use and Purpose
Any further use for commercial purposes of any kind or use in particular for advertising purposes without express permission is prohibited.

Content may be edited and changed as long as it remains clearly recognizable and no changes are made to the content that might favor a different meaning than that originally intended. The content may not be reproduced in a meaningless context.

The content may not be used in an objectionable or illegal context.

Copyright and Privacy Rights and Legal Notice

All content and the design itself are protected by copyright, usage and personality rights, registered trademark rights and other laws related to intellectual property rights.

All content provided in the newsroom is owned by G DATA CyberDefense or external owners who provide content and are named in the newsroom. When using images, films or other illustrations, please cite the specified source.

Provision of Service and Content

Content may contain links to other websites. We have no control over any linked content and are not responsible for their content or for any loss or damage which may arise from your use of any such link.

Registration for press distribution lists

Information that you provide as part of the inclusion in the press mailing list must be based on correct and up-to-date data, correspond to the truth and be complete. If your data or main topics change, you can simply send us an e-mail to presse@gdata.de.

We reserve the right, at our sole discretion, to refuse to be included in the press mailing list; we are not obliged to give reasons.

Specimen copy

If you have used the content provided for a publication, we would be pleased if you emailed us a link to presse@gdata.de or sent a specimen copy free of charge to the postal address (G DATA Cyberdefense AG, Königsallee 178, D- 44799 Bochum).

  • Press releases /
  • Press Releases
  • Alle
  • Text
  • Images
17.11.2022 | 1 Image

G DATA threat report: Targeted cyber attacks instead of mass attacks

Attackers still exploiting Log4J vulnerability.
G_DATA_KeyVisual_ThreatReport
G_DATA_KeyVisual_ThreatReport © G DATA CyberDefense

This press release has:

Appearances are deceptive. Although the number of cyber attacks is declining, cyber criminals are very active right now. This is reflected in the current threat report from G DATA CyberDefense. Criminals are currently making great use of Berbew, Neojitt and FormBook to infiltrate private users and companies.

Press release Plain text

In mid-December 2021, the German Federal Office for Information Security (BSI) issued a red alert for the Log4J (also known as Log4Shell) vulnerability. Even back then, the authority was warning that cyber criminals were actively exploiting the vulnerability. These fears are currently proving true, as the current threat report from G DATA CyberDefense shows. Instead of new waves of attacks, cyber criminals are currently launching targeted attacks on companies that they had already infiltrated using the vulnerability at the end of last year. Back then, the attackers installed backdoors which went unnoticed. They are now exploiting these and smuggling additional malicious code into the network - up to and including the encryption of data. Particularly alarming is the fact that not all companies have closed this vulnerability yet. This means that they are still a potential target for cyber criminals, who have the appropriate tools for finding and infiltrating these exposed systems.

“Unfortunately, what we had predicted at the beginning of the year about the exploitation of the Log4J vulnerability is currently materializing”, says Tim Berghoff, Security Evangelist at G DATA CyberDefense. “Because of the ease of exploitation, criminals started by stockpiling hundreds of thousands of systems and have only recently begun to monetise these infections, for example by uploading ransomware. Those who installed the available security update early should be on the safe side.”

The number of new cyber attacks is declining, as it did in the second quarter. Comparing the third quarter of 2022 to the second, the number of averted attacks fell by 13.7 percent. The decline is greater for consumers than for businesses. The number of averted attacks on business customers fell by 7.5 per cent from the second quarter to the third, and by almost 15 per cent for private customers.

New attack routes into networks
Cyber criminals are currently using the malware Berbew, Neojitt and Formbook to attack systems. Berbew is a Trojan that reads passwords and sends them to a remote web server. Berbew also acts as a web proxy, allowing attackers to use the infected system as a relay for remote access to other systems. Cyber criminals distribute the Trojan via email as an attachment containing malware or via data sharing programs.

FormBook is an infostealer that exfiltrates data from infected systems, such as credentials cached in web browsers or screenshots. In addition, it also functions as a downloader, allowing attackers to execute malicious files on an infected system. Formbook is so widespread because it is marketed on underground forums at a low price under a malware-as-a-service (MaaS) model.

No reason to sound the all-clear
Despite the declining numbers, overall IT security in Germany is less than ideal. Attackers are consistently exploiting security gaps to compromise companies. Inattentive employees are also repeatedly opening the door to the network for cyber criminals when they fall for phishing emails and open attachments with malicious code or disclose access data on fake websites. Many companies still have some catching up to do in this area - both in terms of technological protection measures and security awareness.

Print page Send link
G DATA CyberDefense
With holistic cyber defence services, G DATA CyberDefense makes you defensible against cybercrime. The renowned IT security company protects with AI technologies, endpoint protection, security monitoring and offers penetration tests, incident response and awareness training in order to secure companies in the best possible way.

G DATA CyberDefense AG supports its customers in every security situation. From the headquarters in Bochum, more than 550 employees ensure the digital security of companies, critical infrastructures such as hospitals or airports as well as millions of private users. With almost 40 years of expertise in malware analysis, G DATA has become a top player in the cybersecurity world and conducts research and software development exclusively in Germany. This also applies to service and support, which is available around the clock for customers all over the world. G DATA security solutions are available in more than 90 countries and have received numerous awards from independent test institutes.

 

All contents of this press release as .zip:

Direct download

Release text (3317 Characters)

Plain text Copy release text

Images (1)

G_DATA_KeyVisual_ThreatReport
G_DATA_KeyVisual_ThreatReport
1 200 x 630 © G DATA CyberDefense
File size: 150,2 KB | .jpg
| | All sizes
G_DATA_KeyVisual_ThreatReport
G_DATA_KeyVisual_ThreatReport

© G DATA CyberDefense

Contact

(2) Kathrin Beckert-Plewka
Kathrin Beckert-Plewka
Public Relations Managerin

+49 234 9762 - 507
kathrin.beckert@gdata.de

G_DATA_KeyVisual_ThreatReport

G_DATA_KeyVisual_ThreatReport (. jpg )

© G DATA CyberDefense
Measures Size
1200 x 630 150,2 KB
600 x 315 64,8 KB
x Loading
Direct download
Save to lightbox
SIGN UP
If you would like to receive our latest press releases automatically, just sign up for our mailing list here:

Mailing list

GTC
Privacy Policy
Imprint
Press contact
Vera Haake
Pressesprecherin/ Spokesperson

+49 234 9762 - 376
vera.haake@gdata.de