DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.
One computer virus after another has plagued the digital world since its inception. Over time, more and more people realized that this is a lucrative opportunity for making easy money, resulting in an increase in the number of organized criminal groups that operate online. Today, we as individuals often face embarrassing online leaks of personal data, while organizations suffer attacks that lead to the loss of millions of dollars.
Even with the ongoing attempts of the authorities to combat these criminal activities, the war is far from over. As projected, the year 2022 brought new bad actors to the scene who have been responsible for some serious breaches. You may have guessed – there’s a lot more than one new computer virus joining the bunch. In this article, we’ll cover some of the most notorious threats and explain how you can protect yourself.
Brand New Threats
April 2022 was a particularly challenging month that gave headaches to multiple users and organizations. It was during this month that new super threats in the form of ransomware as a service (RaaS) came to life. These are Mindware, Black Basta, and Onyx. The resurgence of REvil, a notorious RaaS group, also took place.
Mindware started performing attacks during March, but its full-scale arsenal was unleashed with the double extortion attack. Specifically, in this type of attack, cybercriminals steal data before even encrypting it. New computer viruses often come with new intrusion techniques.
Since it belongs to the Sfile family, many were led to believe that this ransomware threat is actually not new at all but a rebranding of an already existing strain. That is yet to be established.
Black Basta rose to prominence after 11 major attacks in April 2022. Similar to Mindware, Black Basta was initially assumed to be an old bad actor in the guise of a new one since the attacks were highly efficient and caused severe damage.
Some believe that Black Basta, like Onyx, is linked to the Conti group.
This latest malware strain belongs to a ransomware type that was first believed to be a potential wiper since it wiped out files that were of certain sizes rather than encrypting them. However, it turned out to be a razor-sharp, dangerous ransomware tool and the wiping of the files was only due to the bug.
Onyx is based on Conti ransomware. The note sent to victims typically informs them that they are advised against attempting to decrypt the files as that might damage them. It also warns them that all files will be leaked if the ransom is not paid.
Threats and Viruses of 2022
New virus threats crop up almost daily, and cybercriminals never seem to rest. As a matter of fact, ransomware attacks target businesses every 40 seconds. Most of the criminal groups responsible for these attacks are successfully hiding, and the authorities can’t do much to ascertain their identities. Many of them continue to be major security threats in 2022. We’ll cover some of the most dangerous attackers and explain how they work.
Clop ransomware attacks are mostly aimed at organizations rather than individuals. The reason behind this is simple – corporations and institutions are more likely to pay a heftier ransom since their data is more sensitive and instrumental for further business operations.
The moment the user tries to open an infected file, a ransom note pops up detailing payment instructions. Recent security threats, like this one, usually involve cryptocurrencies as the cybercriminals’ preferred payment method.
It’s highly advisable not to pay the ransom that an attacker is demanding. In the case of Clop ransomware or any similar malware, there’s no guarantee that the files will be restored after payment or that the attack won’t happen again.
Third parties can pose a serious threat because some hackers who are not able to compromise their target’s network can do so by first penetrating the third-party systems that have stored their sensitive data.
We saw this in 2021 when users’ data was leaked from Facebook, LinkedIn, and Instagram. The attackers didn’t have to devise the deadliest computer virus to hack these companies. They simply found a vulnerability in the third-party contractor.
These attacks are on the rise even in 2022, as more companies are turning to third-party contractors.
Zeus Gameover is a Trojan that is mostly used for stealing victims’ bank information. Because of its ability to bypass centralized servers, this malware is almost impossible to track down as there’s no way of knowing where the data has gone.
Created by Russian hacker Evgeniy Bogachev, Zeus Gameover is a peer-to-peer botnet belonging to the Zeus family.
Some of the latest computer viruses are successful in hacking clouds. Although it could be assumed that the cloud is less susceptible to attacks, IBM reports indicate that these attacks have gone up by 150% during the last five years. As many professionals decided to continue working from home, businesses have been heavily relying on clouds, which explains why these attacks are more common in 2022.
IoT use surged during the COVID-19 pandemic, with more than 10 billion active IoT devices in 2021. Working from home put these devices at risk because average users were less focused on internet security than companies. In addition, IoT devices are convenient for hackers because they are usually not equipped with anti-malware since they have low storage.
According to Kaspersky, in the first half of 2021 only, 1.5 billion breaches took place around the world.
Some computer viruses today are customized so they can breach endpoints, and often these are IoTs. It is estimated that 3.5 billion breaches of IoT devices will take place by 2023.
Ransomware as a Service (RaaS)
Ransomware as a Service entails selling or renting ransomware to people who want to use it without having to develop it themselves. Some of the most dangerous computer viruses are used to wreak havoc by people who didn’t create them.
The reason this form of business is lucrative is that there is a high demand for it on the dark web. Those who want to enter the world of cybercrime can simply log in and start spreading the malware, even with little knowledge of how it works.
One such example is the DarkSide. This hacker crew is selective when choosing its customers, whom they interview before agreeing to rent or sell their service.
Unlike some attackers, who specialize in a certain type of device, DarkSide attacks are aimed at everyone, regardless of the operating system or the network type. Even though it’s believed that Macs are less prone to ransomware than computers that run on Windows, viruses and malware can infect computers no matter the type.
Social Engineering and Subtypes
Social engineering attacks work by tricking users into sharing their sensitive information. This can be done via phishing emails or even SMS messages and phone calls.
Vishing & Smishing
Vishing is also known as voice phishing and works by extracting information from the victims through phone calls. It is usually done automatically. The attacker calls the victim and takes information from them while talking on the phone. Much like recent malware attacks and phishing attempts, the attacker talks to the victim, pretending to be someone from the bank. They can also record an automated voice message and call the victim, who thinks that they’re following the bank’s instructions.
On the other hand, smishing works by sending fake SMS messages to a victim. There is typically a link on which the victim is supposed to click. They’re often informed that if they do not sign in, their account will be suspended. Once they do this, all their data can be stolen. A quick peek at any malware database can reveal that these risks are spreading by the minute.
Similarly to vishing and smishing, online baiting has gained in popularity during 2022. Advertisements have become unavoidable in our lives, but some of them may be more than just a nuisance.
Some advertisements can infect your computer, and it’s usually those that seem too good to be true. When you see an ad promising prize money or an unrealistic discount, make sure to stay away from it.
As more and more people are using dating apps, cybercriminals have recognized this as a potential field for fraud. They typically pretend to be someone else, so they can seduce the user and eventually steal from them.
Typically, the cybercriminals aim to get to know the victim and later ask for money or tricking them into sharing their banking information. In cases like these, you don’t need the most recent computer virus to pull off this scam – understanding human psychology will suffice.
Phishing attempts are all too common nowadays. Black-hat hackers mainly send emails, creating a sense of urgency and trick users into giving out their sensitive information. This is usually done by prompting them to change their password because their account has allegedly been compromised or that they need to log in because they got paid.
It is vital to always check the sender’s address even when it appears legitimate. This can be done by taking a look at the properties of the email. Another useful strategy is always checking for spelling mistakes, and if there are any, someone is probably trying to hack your account. Still, keep in mind that the latest virus threats and phishing attempts are getting more subtle and refined.
Major Cyber Breaches and Cybersecurity Events of 2022
The year 2022 has already recorded some major cyber attacks. Some of them were aimed at corporations, while others involved governments. These attacks are to be expected, especially due to the ongoing war between Russia and Ukraine.
Lapsus$ Launches Ransomware Attacks at Corporations
In March 2022, Lapsus$ successfully attacked several high-profile corporations, including T-Mobile, Nvidia, and Okta. Lapsus$ typically leaks information they acquire from victims. However, Okta issued a statement that vital information hadn’t been stolen.
The company continued by saying that it was due to a third-party contractor’s vulnerability that the breach happened. Regrettably, this was not the first successful attack against Okta in the past four years, which goes to show that companies must be vigilant at all times.
Conti Group’s Chats Leaked
Some of the recent computer virus outbreaks were actually matched with a counterattack. For example, an enormous leak took place on February 28, when more than 60,000 messages sent by Conti group members were posted online. This hack offered a close look into how the Conti group, known for its ransomware attacks, operates.
It is believed that this was an insider job and that a pro-Ukrainian Conti member decided to leak the chats because they were unhappy with the pro-Russian content on the Conti website.
RaidForums Seized by Authorities
Among the latest malware threats were those connected with RaidForums. Therefore, on February 25, 2022, US law enforcement and Europol took down RaidForums as part of Operation Tourniquet in a coordinated effort. This forum was mostly used as a marketplace for stolen data. Apart from dismantling the group, the forum owner was also arrested. What’s almost unbelievable is that the 21-year-old owner of the RaidForums was only 14 when he founded it.
REvil Group Arrested by the Russian Government
According to Russian authorities, more than a dozen REvil members were arrested in 2022. Although this action left a mark on cybercriminals, it’s unlikely to have a lasting effect in terms of suppressing this criminal activity – in Russia or worldwide. There are a multitude of current virus threats perpetuated by many malicious groups and they are difficult to deal with as they are cropping up everywhere.
Shields Up Introduced for Protection Against Russian Cyberattacks
With the war in Ukraine and cyberattacks aimed at vital Ukrainian agencies, US authorities decided to introduce the Shields Up protection system as protection against possible Russian cyberattacks.
How To Protect Yourself
Learning to recognize a threat is one of the most important things when it comes to online security. That’s why it’s vital that we take cybersecurity seriously and stay up to date with the latest developments. However, this is often not enough.
It is necessary to invest in a reliable antivirus that will be able to block all incoming virus threats but that will also be capable of fixing the damage if it comes to that. If you’re a business owner, using a strong endpoint security platform is highly recommended because a simple legacy antivirus might not cut it.
Antivirus Protection: Top Three Recommendations
If you want to be certain that your devices are secure, the best way to protect yourself is to invest in a good antivirus. The ones we’ll discuss below are excellent choices.
With more than 430 million users, Avast is still one of the cybersecurity leaders. Avast offers an antivirus scanner and ransomware protection. This makes it useful against the latest virus threats we’ve listed in this article.
The interface is easy to use, and premium users can reach customer support via chat, email, or phone. The company, which offers a paid and free plan, proudly claims that it can stop 66 million threats a day.
Bitdefender has plans for both home and business, offering all the features needed to keep your devices safe. This antivirus is equipped with advanced ransomware protection, password manager, webcam and microphone protection, system optimization, and many other useful features, such as anti-phishing and web protection.
This strong antivirus is available for both mobile and computers. You can use it on Windows, macOS, iOS, Android, and Chromebook to help you deal with any current virus threat.
Its interface is simple and easy to use, and if you’re using it on your mobile, there’s Malwarebytes Privacy VPN.
Just like the previous picks, Malwarebytes will protect you from most of the current threats, and you can choose from four different scans. These are threat scan, quick scan, custom scan, and single file/folder scan.
The year 2022 has been quite productive for online criminals, and even with the constant battle of the authorities, their number does not seem to have diminished. Worse still, attacks aimed at businesses have increased, and some of the new threats are extremely hard to avoid.
Individuals and businesses alike need to invest in anti-malware solutions. Sadly, personal, financial, and corporate data have become a currency of sorts. As the latest virus threats can affect anyone, we should all remember that even the least important piece of information we possess is priceless.