However, web threats were up, and exploitation of pandemic themes continue to hog the limelight.

With sweeping change brought by the COVID-19 pandemic, cybercriminals have adjusted their strategies aiming to profit from shifts in people’s lives and disruptions to business.

Despite the lockdowns, researchers, detection engineers and security experts from one cybersecurity firm, ESET, have boosted their efforts to hunt down malware and make the internet a safer place. Their Q1 2020 threat report describes a surge in March scam and malware campaigns that employ the pandemic as a lure.

As a possible side effect of coronavirus lockdowns, some threats—most notably web threats—saw a large increase in overall numbers of detections. Q1 2020 also saw a continuation in the rise of stalkerware. On the contrary, some threat types—such as cryptominers and Android malware—saw a decrease in ESET detections compared with the previous quarter.

ESET researchers also continued investigating threats and vulnerabilities amid the pandemic, uncovering:

  • new campaigns by the infamous Winnti Group and Turla
  • the discovery of KrØØk, a previously unknown vulnerability affecting the encryption of over a billion wi-fi devices
  • dissecting the obfuscation techniques in Stantinko’s new cryptomining module
  • use of homoglyphs for spoofed domain names—by replacing characters (or glyphs in font design terms) with ones that look similar
  • 30% rise of stalkware: supposedly useful apps that enable monitoring children, students or employees. In reality, these apps are often used for spying upon unsuspecting spouses or romantic partners, sometimes with tragic consequences for those victims.