Authors:
Alexander Ivanyuk — Senior Director, Technology
Irina Artioli — Cyber Protection Evangelist, TRU Researcher
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by the Acronis Threat Research Unit (TRU) and sensors. Figures presented here were gathered in February of this year and reflect threats that we detected as well as news stories from the public domain. This report represents a global outlook and is based on more than one million unique endpoints distributed around the world.

The FBI has confirmed that North Korea’s infamous Lazarus hacking group was behind a massive $1.5 billion cryptocurrency heist targeting the Bybit exchange, making it the largest single cryptocurrency theft recorded to date. The attack exploited a vulnerability tied to a Safe{Wallet} developer’s compromised device, which allowed the hackers to intercept and redirect Ethereum funds during a transfer from one of Bybit’s cold wallets.
The stolen assets were then laundered through an intricate process involving different blockchain addresses, a tactic Lazarus employs to obscure the trail of their illicit gains. The group, known for funding North Korea’s regime, including its weapons programs, had been highly active in 2024, with the FBI noting they stole $1.34 billion across 47 separate cryptocurrency heists throughout the year.
February malware detections
In February, Acronis Cyber Protect blocked almost one million malware threats on endpoints — a 2% increase from January.
The tables below show the percentage of Acronis clients that had at least one malware threat blocked at the endpoint, as well as the normalized percentage of clients with at least one malware detection. The higher the percentage, the higher the risk of a workload in that country being attacked by malware.


Protection
The aforementioned threats can be detected and mitigated with solutions from Acronis.
Acronis Cyber Protect Cloud protects against both known and never-before-seen threats through a multilayered protection approach. This includes behavior-based detection, AI- and ML-trained detections and anti-ransomware heuristics, which can detect and block encryption attempts and roll back any tampered files automatically without any user interaction.
Additional advanced email security and URL filtering can help you protect against social engineering threats. And Acronis’ #CyberFit score helps you quickly identify systems that need attention, while the integrated patch management makes updating your software to the latest versions simple.
Advanced Security + Extended Detection and Response (XDR) for Acronis Cyber Protect Cloud brings the visibility needed to understand attacks while simplifying the context for administrators and enabling efficient remediation of any threats.