b2b-daily
Search
Close this search box.
Search
Close this search box.
Home | IT | Cyber Security

Cybercriminals Shift Focus to Credential Theft and AI-Driven Phishing

Avatar photo
by Dwaine Evans
April 23, 2025
Image Credit: Freepik / Freepik
Cybercriminals Shift Focus to Credential Theft and AI-Driven Phishing
Article Highlights
Off On

In 2024, the cybersecurity landscape experienced notable changes, with cybercriminals increasingly adopting stealthier tactics, particularly focusing on credential theft through infostealers. IBM’s research highlighted an 84% spike in phishing emails delivering infostealers from 2023 to 2024, favoring this method for its quick and discreet identity attacks.

Credential theft incidents surged as attackers exploited the growing complexity of hybrid cloud environments, targeting critical infrastructure. Within this sector, cybercriminals often gained initial access via valid accounts (31%), phishing (26%), and public-facing application exploits (26%). Once access was secured, malware was deployed in 40% of cases, with ransomware constituting 30% of these deployments.

A significant trend in 2024 saw cybercriminals prefer stealing data (18%) over encrypting it (11%). This shift is attributed to advanced detection technologies and increased pressure from law enforcement, prompting quicker and more discreet operations. Although ransomware incidents declined, constituting 28% of malware cases and 11% of security cases, cybercriminals continued diversifying their malware portfolios.

IBM’s report exposed vulnerabilities in critical infrastructure due to reliance on legacy technology and slow patching cycles. Over a quarter of incidents exploited these weaknesses. The trading of exploit codes for common vulnerabilities on dark web forums fueled attacks on power grids, health networks, and industrial systems. Phishing emails delivering infostealers continued to rise into early 2025, with a 180% increase compared to 2023. The use of AI enabled cybercriminals to scale phishing campaigns, making identity attacks cheaper and more profitable. Additionally, the dark web saw an increase in adversary-in-the-middle (AITM) phishing kits designed to bypass multi-factor authentication (MFA).

Regionally, the Asia-Pacific (APAC) region accounted for 34% of attacks, focusing primarily on malware-ransomware (22%) and server access (11%). North America followed with 24% of incidents, with common actions including remote access tools (17%) and backdoor malware (17%). AI security remained a critical concern as researchers worked to identify and rectify vulnerabilities before exploitation by cybercriminals. As AI adoption grows, securing the AI pipeline will be crucial. In conclusion, 2024 marked significant shifts towards stealthier and more opportunistic cyberattack methods. The emphasis on credential theft and data exfiltration shows cybercriminals adapting to modern security measures. This evolution underscores the importance of robust and proactive cybersecurity measures to combat an ever-evolving threat landscape.

AI

Explore more

Can You Stay Ahead in Digital Marketing Innovation?
May 16, 2025

In the rapidly evolving world of digital marketing, staying ahead of innovation poses a formidable challenge for industry professionals. As technology advances, new tools, strategies, and platforms emerge at a breakneck pace, leaving marketers in constant pursuit of the latest trends. The upcoming digital marketing conference highlights the importance of embracing these technological shifts, urging senior marketing leaders to gather

Can HPE Eclipse VMware in the Private Cloud Race?
May 16, 2025

The private cloud market has long been a competitive realm filled with robust technologies and innovative solutions. Among the major players, Hewlett Packard Enterprise (HPE) and VMware stand out for their ongoing rivalry in providing cloud management solutions. The market has witnessed significant shifts, particularly after Broadcom’s operational changes within VMware, prompting several tech giants to position themselves as feasible

Optimizing Cloud Migration: Tackling Licensing Costs and ROI
May 16, 2025

The rapid evolution of cloud computing has created numerous opportunities for businesses to streamline operations and facilitate digital transformation. However, these opportunities come with complex economic challenges, particularly related to the significant costs and strategic planning required for successful cloud migration. During the Nutanix .Next 25 conference, experts highlighted how organizations can optimize their cloud migration processes to manage expenses,

Essential SaaS Security Tools for Protecting Cloud Applications
May 16, 2025

As cloud computing continues to dominate the technological landscape, businesses increasingly rely on Software as a Service (SaaS) to streamline operations and enhance efficiency. Yet, this growing dependence on cloud applications has brought forth unique security challenges that demand immediate attention. Traditional security frameworks, designed for on-premises systems, often fall short when addressing the complexities of SaaS. As businesses migrate

Is SonicWall Revolutionizing MSP Security with Zero-Trust?
May 16, 2025

In an ever-evolving cybersecurity landscape, the need for robust security solutions tailored for Managed Service Providers (MSPs) has become paramount. SonicWall, a leading player in the cybersecurity industry, has strategically positioned itself to support MSPs by expanding its product and service offerings. At the heart of this transformation is SonicWall’s commitment to fostering a zero-trust environment, a necessary leap propelled