Skip to content

ESET Threat Report: Attempts to exploit MS Exchange and massive waves of password guessing were the most frequent intrusion vectors

  • The exclusive research included in the report provides previously unpublished information about APT group operations: ProxyShell exploitation; OilRig campaign and activities by the infamous cyberespionage group the Dukes (aka Cozy Bear).
  • ProxyLogon vulnerability was the second most frequent external attack vector in ESET’s 2021 statistics, right after password-guessing attacks.
  • Microsoft Exchange servers fell under siege again in August 2021 via ProxyLogon’s “younger sibling”, named ProxyShell, which has been exploited worldwide by several threat groups.
  • Attacks exploiting the Log4Shell vulnerability were the fifth most common external intrusion vector in 2021.
  • RDP attack numbers from the last weeks of T3 2021 broke all previous records, amounting to a staggering yearly growth of 897%.
  • Ransomware surpassed the worst expectations in 2021, with attacks against critical infrastructure, outrageous ransom demands and over USD 5 billion worth of potential bitcoin transactions in H1 2021 alone.
  • Android banking malware detections rose by 428% in 2021 compared to 2020.
  • Emotet botnet has been resurrected.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.