As reported widely in the press, the Genesis Market is no more. On Tuesday 4th April 2023, the FBI seized control of the infamous marketplace that’d had hundreds of thousands of stolen digital identities for sale, replacing its login page with a takedown notice and call for further information from its users.

As part of our recently released 2022 Threat Roundup report, Forescout Vedere Labs described how the Mirai IoT botnet continues to evolve via new variants and adaptations, such as Gafgyt and RapperBot, more than six years after it started taking over IoT devices and had its source code leaked.

In January 2023, PrivateLoader, a malware loader from a pay-per-install malware distribution service called “ruzki”, started to distribute Tofsee (a.k.a. Gheg), a modular spambot. Spambots are typically utilized by cybercriminals to spread malware and phishing emails, and this particular one has been in operation since at least 2008.

Emotet is undoubtedly a very resilient botnet. Even though its operation was disrupted by Europol in January 2021, Emotet came back a few months later and continues to spread. In May 2022, shortly after Microsoft released new controls related to malicious macros, Netskope Threat Labs analyzed an Emotet campaign where they were testing a new delivery method, by using LNK files.

In recent years, the world of artificial intelligence (AI) has seen a significant increase in the use of language models. ChatGPT, a language generation model developed by OpenAI, has been making waves in the news with its ability to process large amounts of data, which can be used to train machine learning models and to test them. One feature that’s grabbed headlines is its ability to write code and provide feedback on the accuracy and efficiency of code.

Say what you want about bots, but you have to admire their versatility. Bots do everything from rank Google results and serve up cat photos on your Facebook feed, to sway elections and defraud retailers. Basically, they’re quite flexible. These days, bad bots are big business, with cybercriminals around the world using them to fraudulently access accounts, attack networks, and steal data.

If one topic has been on the minds of CISOs and CIOs alike over the last three years of Covid and post-Covid hybrid enterprise work environments, it’s ransomware. A distributed tech workforce — using distributed software services — proved to be no match for highly automated ransomware bots and malware executing encryption attacks. But this year, like the end of War of the Worlds, the attacking bots may suddenly fall silent.