The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis analysts and sensors. Figures presented here were gathered in November of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.

DarkGate was first spotted in 2018. New attacks have used Skype messages with malicious VBA attachments. The main purpose of this script is to download and execute the AutoIt script, which has been observed in DarkGate campaigns since 2020. A user with the name ‘RastaFarEye’ advertised his malware on underground Russian language forums, and it now has numerous capabilities.

This article is the first in the ransomware diaries series. We will provide an in-depth look at some active ransomware families, such as Mallox or encryptors from the Epsilon Gang, revealing the unique picture they occasionally paint, along with commonalities they maintain along the way. Every family will represent a different piece of the current ransomware landscape to showcase how diversified it has become over the years.

The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis analysts and sensors. Figures presented here were gathered in October of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.

AV-Test unveiled their Advanced Threat Protection test results for 10 real-life scenarios they ran in July and August 2023 in Windows 10 Professional. Once again, Acronis Cyber Protect Cloud with Advanced Security received the best possible score, successfully detecting and blocking all 10 attacks in their early stages.

At the end of July 2023, the Cyclops ransomware group announced on underground forums that the 2.0 version of their ransomware was renamed “Knight.” The Knight ransomware group began its ransomware-as-a-service operations in May 2023, targeting Windows, Linux and MacOS operating systems, encrypting files using Curve25519, HC-256 and ChaCha20 algorithms.

Acronis Cyber Protect is a long-time participant in the AV-Test independent evaluation of security products for Apple’s macOS. It is critical that a cybersecurity product is consistent with good results, as new threats emerge. We are proud to report that Cyber Protect has achieved a perfect 6 out of 6 score in each and every test performed in the last year.