According to data from Kaspersky Security Network for business users in Turkey, in the second quarter of 2022, Trojan Spy (spyware that can collect the victim’s credentials) The number of affected users has increased compared to the previous quarter.

Spyware is a type of malware used to spy on a user’s actions (tracking data entered with the keyboard, taking screenshots, getting a list of running applications, etc.). The collected information is sent to the malicious user who controls the spyware via email, web messaging, and other methods. Spyware can be installed on any device, be it desktop or laptop computers, servers and mobile devices, and can be masked in the same way as regular apps to go undetected. Spyware is used to collect bank cards, login details, passwords and other valuable data.

In 2021, Kaspersky experts will target many industrial and government organizations. PseudoManuscrypt the spyware module detected. This software collected VPN connection data, recorded keystrokes, took screenshots and videos, recorded audio with microphone; clipboard data and OS event log data stolen. Corporate espionage was one of the possible targets of the campaign. Other spyware threats monitored by Kaspersky experts are well-known examples such as Pegasus, Chrysaor, FinSpy, CoolWebSearch, Gator.

According to Kaspersky data, the number of users affected by Trojan Horse Spy in Turkey increased by 5 in Q2 2022 compared to Q1.

Head of Technical Expertise, Kaspersky META Region Emad Haffasaid: “Spyware remains one of the most popular types of malware that enables corporate espionage or intellectual property theft. It is often used in a targeted manner and infiltrates corporate networks for information gathering. It is common for spyware to infect an employee’s device, causing certain company data to leak. In addition, the compromised employee’s credentials are more likely to be used as an entry point to more informative corporate networks. One of the main features of spyware is its ability to dodge. Therefore, a competent Security Operations Center along with advanced cybersecurity solutions is required to mitigate the threat. Kaspersky Endpoint Security for Business and Kaspersky Anti Targeted Attack help organizations block spyware on corporate systems.”

To protect your organization from spyware, Kaspersky experts recommend the following:

• Give your SOC team access to the latest Threat Intelligence (TI). Kaspersky Threat Intelligence Portal is the hot spot for the company’s TI that provides data and insights on cyber attacks that Kaspersky has collected over the past 20 years. To help companies defend themselves effectively in these turbulent times, Kaspersky provides free access to independent, constantly updated and globally obtained information about ongoing cyber-attacks and threats. You can request access here.
• Upgrade your cybersecurity team’s skills to face the latest targeted threats with Kaspersky’s online training developed by GReAT experts.
• Use an enterprise-grade EDR solution such as Kaspersky EDR Expert. With this solution that automatically combines alerts with events, you can use them to detect threats among the crowd of alerts, analyze and respond to the event in the most effective way.
• In addition to using basic endpoint protection, use an enterprise-level security solution, such as Kaspersky Anti Targeted Attack Platform, which detects advanced network-level threats at an early stage.
• Since many targeted attacks start with social engineering techniques such as phishing, you should equip your team with practical skills through security awareness training using tools such as the Kaspersky Automated Security Awareness Platform.

Source: (BYZHA) – Beyaz News Agency