The worst malware, security and privacy breaches of 2023

A look back at a year of cyberattacks

cyber

It was quite a roller coaster ride in 2023 when it came to cybersecurity. 

Cybercriminals continue on a rampage, taking advantage of weaknesses in all sorts of devices, platforms and networks. 

From sneaky phishing tricks to dreaded malware infections and data breaches, it felt like we were under constant siege. 

It's safe to say that the security and privacy of millions of people were compromised. Here are some of the worst malware, security, and privacy breaches of this past year.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

1) Russian cyber group Star Blizzard unleashes a global spear-phishing attack

worst malware 1

A hacker typing on laptop. (Kurt "CyberGuy" Knutsson )

A Russian hacking group tied to the Kremlin unleashed a global attack. They use what appear to be links to innocent websites to steal information. These hackers from Star Blizzard, which formerly operated as SEABORGIUM, are also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie. 

The dangerous group targets anyone who might have information they can use. They even went after the U.S. government. For the most part, Star Blizzard has attacked people tied to academics, defense, government organizations and more in the U.S. and the U.K. According to the U.S. Cybersecurity and Infrastructure Security Agency, the group is also targeting NATO members and countries near China.

Read more

2) Guard your passwords: CherryBlos & FakeTrade malware threaten Androids

worst malware 2

Phishing website. (Trend Micro)

Two related malware campaigns target Android users interested in cryptocurrencies or online income opportunities. The first campaign uses phishing websites to trick users into downloading apps that contain the CherryBlos malware. This malware can steal your cryptocurrency wallet credentials and replace your withdrawal address with the attacker’s.

CLICK HERE FOR MORE U.S. NEWS

The second campaign uses fake money-earning apps that contain the FakeTrade malware. These apps promise you increased income, but they will not let you withdraw your funds. Both campaigns use fake posts on popular platforms like TikTok, X and Telegram to lure you into their traps.

Read more

3) Massive cyberattack strikes millions of Americans: Are you at risk?

WORST malware 3

Image of a hacker. (Kurt "CyberGuy" Knutsson )

Millions of Americans faced a significant threat to their personal data as a result of a massive cyberattack targeting the widely used file-transfer program known as MOVEit. The impact was vast, even compromising residents of Louisiana and Oregon who possessed driver's licenses or state identification cards, and there were concerns among officials that the number of affected individuals could increase sizably. Moreover, this breach had far-reaching consequences, impacting numerous firms and organizations, including multinational corporations, federal and state agencies, and universities.

Read more

MORE: TOP IDENTITY THEFT SCAMS TO AVOID

4) Facebook accounts hit with malicious ad attack with dangerous malware

WORST malware 4

Facebook ad attack. (Bitdefender Labs)

In an alarming revelation, Bitdefender Labs had uncovered a sinister turn in cybercrime tactics on Facebook. Hackers used a virus called NodeStealer to steal cookies and passwords. It’s a sneaky piece of code that runs on JavaScript and Node.js, and it can grab your web browser data and use it to hack into your Facebook account.

How do they do it? Well, they use cunning malvertising campaigns, which are fake ads that look like they’re from Meta, the company that owns Facebook. When you click on these ads, you’re actually downloading the NodeStealer virus, which then starts to spy on your online activity.

Read more

MORE: DON'T FALL FOR THAT "LOOK WHO DIED" FACEBOOK MESSAGE TRAP 

5) Beware of this new Mac malware targeting your data and devices

WORST MALWARE 5

Image of a cybercriminal.

In the grand scheme of cyber threats, a new villain emerged from the shadows, targeting none other than our beloved Mac users. With a penchant for pilfering passwords, greed for grabbing crypto and a propensity for pocketing personal data, this digital bandit goes by the name "Realst." Masked behind the guise of counterfeit blockchain games, it poses an ominous threat to your virtual safety.

"Realst" isn't just your run-of-the-mill malware — oh, no — it's a crafty chameleon in the world of cybercrime, vetting its victims through seemingly innocent game access codes shared over social media or direct messages. "Realst" doesn't just have one form, but 16 distinct variants that it uses to carry out its malicious activities.

Read more

6) The new iPhone security threat that allows hackers to spy on your phone

worst malware 6

TestFlight app. (Apple)

A troubling new vulnerability in iOS now allows hackers to spy on you through your keyboard. Certo Software released a report revealing how cybercriminals are avoiding Apple's stringent security measures to steal your information.

Essentially, what hackers are doing is installing a third-party keyboard that features a keylogger into your iPhone. They'll disguise that keylogger in a small app and use Apple's TestFlight tool for app developers to bypass Apple's security checks. Hackers are hoping you will download those apps and turn over your own information.

Read more

7) Mac users beware of new malware targeting your confidential information

worst malware 7

Image of hacker.

If you thought your Mac was invincible, it's time to reconsider. A sneaky malware is on the prowl, ready to snatch your personal information and dash away with your credit card details. The malware goes by the name of ShadowVault, and it isn't just your garden-variety cyber-thief. It insidiously goes about its business on compromised Mac devices, siphoning off valuable info such as usernames and passwords, stored credit card info, data from crypto wallets and more. The worst part? Criminals can subscribe for $500 a month to access and use this malware. Cybersecurity firm Guardz discovered the ShadowVault malware through the XSS forum on the dark web, where it was being offered to anyone who was willing to pay the 500 bucks per month to rent the malware.

Read more

8) Massive free VPN data breach exposes 360M records

WORST malware 8

Super VPN app. (Apple App Store/Qingdao Leyou Hudong Network Technology Co.)

Cybersecurity researcher Jeremiah Fowler discovered and reported that over 360 million user data records have been leaked in a breach with the free VPN service SuperVPN. These records contained tons of personal information, including email addresses, original IP addresses, geolocation records, unique user identifiers, references to visited websites and more.

Fowler did an enormous amount of research and found one key detail that was quite concerning. He noticed that the smartphone app for SuperVPN was listed under different developers, depending on the App Store it was downloaded from.

The Google Play Store version was credited to SuperSoft Tech, while the Apple App Store version was credited to Qingdao Leyou Hudong Network Technology Co. Both companies seem to have connections to China as the notes for each are written in Mandarin, which serves as the official language of the country. Fowler then discovered a publicly exposed database linked with the SuperVPN app containing 133 GB of data.

Read more

9) Beware of fake browser updates on your Mac

WORST malware 9

Fake browser update. (Malwarebytes)

If you use a Mac, you may have seen pop-ups or notifications urging you to update your web browser. But before you click on them, you should know that they could be part of a malicious malware campaign called ClearFake, which is designed to steal your personal data.

ClearFake is the name given to a malware campaign that uses fake browser updates to infect your Mac with a credential stealer called Atomic Stealer. This campaign was first discovered by security company Malwarebytes in their threat research report. According to Malwarebytes, ClearFake is one of the first social engineering campaigns that targets both Windows and Mac users with fake browser updates.

Read more

10) Despite an FBI takedown, the infamous Raccoon Stealer malware returns

WORST malware 10

Image of hacker on laptop. (Kurt "CyberGuy" Knutsson )

In the world of digital wrongdoing, it seems some cyber pests never really go extinct. Remember Raccoon Stealer? If you don't, it is a malware strain, and you might want to brace yourself. It's back, it's bolder and it's up to no good — again.

Picture this: A malware so astute it pilfers data from 60 applications. We're talking login details, credit card numbers, those treasured browser histories you thought were safe and even the ever-popular cryptocurrency accounts. 

Now, what if I told you that this notorious service was available to any aspiring hacker for a mere $200 subscription a month? It's the Netflix of cybercrime, except you get stolen credentials instead of shows. 

Read more

So, how do you guard your digital domain?

Have strong passwords: Using the same password across multiple platforms will always make you more vulnerable because if one account gets hacked, they all get hacked. Use a password manager to keep track of all your passwords instead of relying on a single password, which, if stolen, can expose you. 

Use 2-factor authentication: Implementing 2-factor authentication is just an extra shield that will prevent a hacker from getting into your accounts.

Have good antivirus software on all your devices: The best way to protect yourself from malware like this is to install antivirus protection on all your devices. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links that may install malware on your devices, allowing hackers to gain access to your personal information. Find my review of best antivirus protection here

When in doubt: Picture this: a dimly lit alleyway with a sign that reads "Free Gold Here!" Sounds suspicious? That's the online equivalent of dubious websites offering tantalizing downloads. Even if they lure you in with promises from seemingly legitimate sources (like Google Ads or seemingly authentic YouTube videos), always be skeptical. Check the website's credentials, look for secure connection indicators (like the padlock symbol), and if in doubt, steer clear.

Use identity theft protection: Identity theft protection companies can monitor personal information like your Home title, Social Security Number (SSN), phone number and email address and alert you if it is being sold on the dark web or used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. Read more of my review of best identity theft protection services here.

Create alias email addresses: Sometimes, it's best to create various email aliases so that you don't have to worry about all your info getting taken in a data breach.  An email alias address is a great way to stop receiving constant spam mail by simply deleting the email alias address.

In addition to creating throwaway email accounts for online sign-ups and other circumstances where you would not want to disclose your primary email address, alias email addresses are helpful for handling and organizing incoming communications. Sometimes, it's best to create various email aliases so that you don't have to worry about getting tons of spam mail and having your email eventually stolen in a data breach. See my review of best secure and private email services here.

When the damage is done: Immediate recovery steps

If you’ve clicked a malicious link and you think your device has been infected with malware, follow these tips below.

Scan your device: Think of it as a digital health checkup. Use a trusted antivirus, as I mentioned above, to run a comprehensive scan to detect and remove any lingering traces of malware. Don't just stop there — schedule regular checks to ensure your device stays in top health.

Alert financial institutions: Just as you'd report a missing credit card, if you believe your info might have fallen into the wrong hands, it's crucial to inform your banks and credit card companies. They can monitor suspicious activities or temporarily freeze your accounts to prevent unauthorized access.

Stay updated: It might be tempting to hit "remind me tomorrow" on those software updates, but those patches often address known vulnerabilities. Cybercriminals are always on the hunt for out-of-date software. By staying updated, you're essentially closing the doors they're looking to sneak in through.

Kurt's key takeaways

This past year was a wake-up call for all of us when it comes to cybersecurity and privacy. We witnessed some of the most sophisticated and devastating cyberattacks in history, targeting individuals, businesses and governments alike. The attackers used various methods and tools to exploit vulnerabilities and steal sensitive data, money, and identities. As we enter 2024, we must be more vigilant and proactive in protecting ourselves and our devices from these cyber threats. We also need to demand more accountability and transparency from the companies and platforms that handle our data and information. Cybersecurity is not a luxury, but a necessity in this day and age.

Which of the malware, security, and privacy breaches mentioned above surprised you the most and why? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you'd like us to cover.

Answers to the most asked CyberGuy questions:

Ideas for using those Holiday Gift cards

Copyright 2023 CyberGuy.com. All rights reserved.

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt’s CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Authored by Kurt Knutsson, Cyberguy Report via FoxNews December 29th 2023