AI-powered social engineering not technical exploits now dominating 90% of cyber attacks
Vast majority of cyberattacks now exploit human vulnerabilities using sophisticated technologies like deepfake videos and AI-manipulated audio, as cybercriminals shift focus from technical breaches to social engineering.
A newly published cyber threat report from Avast has revealed substantial dominance of social engineering in cyber threats during the first quarter of 2024. Per the report, nearly 90% of cyberattacks on mobile and 87% on desktop devices involved scams, phishing, and malvertising, exploiting human vulnerabilities more than technical weaknesses.
A significant rise in scams using sophisticated technologies like deepfake videos and AI-manipulated audio was noted. These scams often utilize hijacked YouTube channels and other social media platforms to spread fraudulent content. The report highlighted that such deceptive practices are becoming more complex, with cybercriminals leveraging high-profile events and figures to enhance the credibility of their scams.
YouTube, in particular, has emerged as a critical vector for these threats. Avast’s telemetry indicated that in the previous year, four million unique users were protected against YouTube-based threats, with around 500,000 users shielded in the first quarter alone. Cybercriminals are increasingly exploiting YouTube’s automated advertising and user-generated content features to sidestep traditional security measures, deploying a variety of attack vectors from phishing campaigns to malware distribution.
The report outlined several prevalent scam tactics on YouTube:
- Phishing campaigns specifically target creators with fraudulent collaboration offers, leading to malware dissemination and account compromises.
- Attackers post videos with descriptions containing malicious links, disguising them as legitimate downloads for popular software.
- Channel hijacking, where attackers gain control of YouTube accounts to push various scams, including crypto schemes that often start with fake giveaways.
- Attackers exploit reputable software brands and create domains that mimic legitimate companies to distribute malware disguised as genuine software.
Beyond individual platforms, the broader trend of Malware-as-a-Service (MaaS) was identified as a growing sector within cybercrime. Criminals rent out malware, facilitating a commission-based partnership where even less experienced hackers can launch attacks. This model simplifies the process of executing cyberattacks, making advanced tools accessible to a broader range of criminals.
Malware types such as DarkGate and Lumma Stealer were specifically mentioned for their propagation methods, including spreading via platforms like Microsoft Teams and YouTube. These methods underscore the continual evolution of cybercriminal strategies, emphasizing the role of social engineering.
Jakub Kroustek, Malware Research Director at Gen, remarked on the severity of the situation,
“In the first quarter of 2024, we reported the highest ever cyber risk ratio – meaning the highest probability of any individual being the target of a cyberattack.”
He added that human vulnerabilities are a significant focus for cybercriminals, who exploit emotional responses and curiosity to gain access to personal information and financial assets.
As technically focused exploits and hacks in crypto have fallen over the past year, Avast’s report showcases how non-technical attacks have risen. Human vulnerabilities are often the hardest aspects of op-sec and AI appears to already have made sufficient progress to offer a considerable challenge for security experts.