Acronis Report Reveals 197% Rise in Email Cyberattacks - TECHx Media Acronis Report Reveals 197% Rise in Email Cyberattacks
Managed service providers (MSPs) have become prime targets, with email phishing campaigns impacting 33% of MSPs in H2 2024. Phishing continues to be the primary attack vector, followed by vulnerabilities in Remote Desktop Protocol (RDP) and other remote access tools. This trend highlights cybercriminals exploiting common MSP practices to breach networks and deploy malicious payloads.
A troubling trend noted in the report is the rise of advanced persistent threat (APT)-linked ransomware groups targeting MSPs. These groups employ sophisticated espionage tactics, including stolen credentials, social engineering, and supply chain attacks, to infiltrate MSP networks and deploy ransomware on client systems. This shift signals that MSPs have evolved from opportunistic targets to strategic entry points for high-stakes cyberattacks.
In December 2024, the UAE was notably among the most targeted countries for malware attacks. The country also saw the highest percentage of blocked malicious URLs (16.2%), followed by Brazil (13.2%) and Singapore (12.0%).
Gerald Beuchelt, CISO at Acronis, commented on the report: 'This biannual release from the Acronis Threat Research Unit highlights the alarming rise of AI-generated attacks and the sophistication of ransomware campaigns. By offering actionable insights, this report helps organizations, MSPs, and the cybersecurity industry strengthen their defenses against emerging threats.'
The report also points to the security risks associated with the growing adoption of remote monitoring and management (RMM) tools. While RMM tools enhance organizational efficiency, their widespread use has introduced blind spots that attackers can exploit. The lack of proper controls can transform RMM tools into entry points for ransomware, leading to severe damage.
In addition to an analysis of emerging threats in H2 2024, the report offers a comprehensive overview of the top vulnerabilities exploited in 2024 and provides predictions for 2025. It concludes with actionable recommendations for organizations and MSPs to fortify their defenses against these evolving cyber risks.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Al Etihad
30-07-2025
- Al Etihad
UAE Cyber Security Council to collaborate with Rilian Technologies, CPX Holding to secure critical infrastructure
30 July 2025 19:19 CALIFORNIA (WAM)Rilian Technologies, a leading provider of cybersecurity and defence solutions, announced that it has signed a strategic contract with the United Arab Emirates Cybersecurity Council, in coordination with CPX Holding, the UAE's national cybersecurity powerhouse, to secure the country's critical project will leverage advanced technologies from prominent partners both within the UAE and globally, including Google Cloud, and other international part of the agreement, the UAE's National Security Operations Centre (NSOC) will work with Rilian Technologies to implement the Rilian Defense Platform (RDP), which will integrate, operate, and automate various cybersecurity solutions in operational technology (OT). This effort will help protect essential operational technology systems of critical Mohammed Al Kuwaiti, Head of Cybersecurity for the UAE Government, said, "Over the past decade, the UAE has pursued a vision of innovation to enhance our people's lives and establish the safest and most dynamic economy", he adds, "this agreement will play a pivotal role in protecting of this vision, ensuring that our future remains secure, bright, and full of opportunity".As the UAE accelerates its digital modernisation, the protection of national assets and critical infrastructures has become a top priority. CPX with Rilian and its partners will bring together deep expertise in security operations, compliance, automation, and sovereign cloud technologies for Operational Technology (OT) to deliver a next-generation security operations platform for the solution will equip Emirati cyber defense teams with real-time threat detection, automated incident response, and advanced analytics to ensure robust protection of the country's critical digital the agreement, the Cybersecurity Council has tasked Rilian and CPX with leveraging the latest advancements in managed OT technologies to develop, train, and coordinate dedicated AI agents. These agents will be used to automate cyber threat solutions and assess risks to national critical infrastructure.'The UAE has laid out a clear roadmap to secure its 2031 vision through resilient, sovereign infrastructure,' said Christian Schnedler, CEO of Rilian Technologies.'We are proud to partner with CPX and other international companies to bring world-class security technologies, agentic AI automation, and orchestration capabilities that protect critical national assets and enhance overall cyber resilience.''This agreement comes at a pivotal moment in cybersecurity history, as both threat actors and defenders rapidly adopt AI-driven capabilities,' said Hadi Anwar, CEO of CPX Holding. 'By enabling greater autonomy for security operations centers, CPX and Rilian will dramatically enhance the efficiency and effectiveness of Emirati operators and national capabilities and systems for operational technology working to protect critical infrastructure at the national level.'
The National
25-07-2025
- The National
Gamers in Saudi Arabia, Qatar and Turkey most affected by malware campaign
Gamers in the Middle East have been heavily hit by a malware campaign that promotes fake beta versions of video games, cyber security experts have warned. Consumers in Saudi Arabia, Qatar and Turkey have been the most impacted by the campaign, according to cyber protection company Acronis. Its threat research group said malware is spreading through the use of Discord, a video, audio and texting platform popular with gamers around the world. The campaign pretends to promote beta versions of games titled Baruda Quest, Warstorm Fire and Dire Talon, but they are actually software that steals personal information and payment, login and crypto wallet data. 'This underscores the urgent need for awareness among regional gamers who are particularly active on platforms like Discord, where much of the malicious content is distributed,' Acronis said in a statement. Jozsef Gegeny, a senior researcher at the cyber security company, said that unlike most malware campaigns, this one also targets people considered to have decent technical knowledge. While corporations and organisations have ramped up cyber security, not enough of that messaging is reaching recreational technology users, he said. 'That's why it's important for the cybersecurity community to shine a light on threats that target individuals and not just corporations,' he said. 'This campaign shows that even well-informed users can be tricked.' The Middle East is particularly vulnerable to attacks due to the recent and rapid increase in video game popularity, making it one of the fastest-growing gaming markets. In 2020, the Middle East gaming industry was valued at approximately $4.8 billion, according to market research firm Newzoo. Five years later, Acronis said, that figure has climbed to more than $7 billion. In February, Power League Gaming chief executive Matthew Pickering said the region's high percentage of young people is helping the industry flourish, but it is also winning over the older demographic as a way to build confidence and sharpen analytical skills. 'Esports is now a solid career path,' he said. It is not yet clear who is responsible for spreading malware targeting the gaming community, but Acronis said it was first detected in the US and Brazil. The company added that the campaign is taking advantage of gamers' appetite to stay ahead of the curve. 'This campaign exploits the enthusiasm of the gaming community, particularly those eager to access unreleased or early-access content,' it said.
TECHx
24-07-2025
- TECHx
Acronis Reveals Malware Targeting Middle East Gamers
Home » Emerging technologies » Gaming » Acronis Reveals Malware Targeting Middle East Gamers Acronis has revealed details of a sophisticated malware campaign targeting consumers, particularly gamers, across the Middle East. The Acronis Threat Research Unit (TRU) reported that the attackers are exploiting the rising popularity of online gaming in the region, which is valued at over US$7 billion and continues to grow rapidly. The malware campaign focuses on users aged 18–35 and spreads through platforms like Discord. Victims are lured with fake beta versions of indie games such as Baruda Quest , Warstorm Fire , and Dire Talon . Instead of actual games, users unknowingly download infostealer malware like Leet Stealer, RMC Stealer, and Sniffer Stealer. According to Acronis researchers, the malware steals sensitive data including login credentials, payment information, and crypto wallets. This can lead to account takeovers, financial loss, and extortion. The campaign is notable for targeting individuals rather than corporate networks. Affected countries include Saudi Arabia, Qatar, and Türkiye Malware is often spread through fake game promotions on Discord and YouTube Jozsef Gegeny, Senior Researcher at Acronis TRU, stated that the team uncovered the threat by analyzing suspicious files and websites disguised as legitimate game content. Many of these files were not detected by major antivirus tools. The campaign was first detected in Brazil and the United States but has now expanded globally. The Middle East has become a hotspot due to its young, digitally active gaming population. Attackers use fake branding, promotional sites, and even dedicated YouTube channels to distribute the malware. Some installers display fake errors to hide their real intent. Acronis urges gamers to remain vigilant and download games only from official or verified developer websites. They also recommend enabling multi-factor authentication for added security. Gegeny added that even tech-savvy users can fall victim to such threats, especially when malware evades mainstream security tools.
