APWG Report: December's Crimeware Code Variants Shatter Record.Up-Time for Phish Sites Falling, Indicating Counter-eCrime Efficiency Also Increasing LOS ALTOS, Calif. & CAMBRIDGE, Mass. -- The Anti-Phishing Working Group The AntiPhishing Working Group (APWG) is a consortium that brings together businesses affected by phishing attacks, businesses that provide security products and law enforcement. The APWG has more than 2700+ members from more than 1600 companies & agencies worldwide. (APWG APWG Anti-Phishing Working Group APWG Action Plan Work Group APWG Acquisition Policy Working Group APWG Advocates for Prostituted Women and Girls APWG AFSCN Prioritization Working Group APWG AFSCN Priorities Working Group ) announced today that the number of crimeware variants detected in December shattered all previous records rising to 340, an increase of more than 43 percent from the previous high of 237 variations - and some 62 percent higher than the December-to-December mean of 210 variants. APWG researchers could point to no one single factor to account for the sudden apparent increase in crimeware mutations which rose 48 percent from 230 in November to December's spike of 340. However, it is likely that broader use of software tools to create the variations and test their ability to avoid detection by anti-virus systems has helped phishers and their correspondent technologists achieve new levels of automation. Dan Hubbard, Vice President of Security Research at Websense, and an APWG contributing researcher, said, "Malicious code variants are being produced in large numbers and are designed to circumvent security measures such as signature-based solutions. We frequently see the same website serving multiple unique samples throughout the day and sometimes changing code for each connected user - and never serving the same user the same code twice." Also in the December report was some heartening heart·en tr.v. heart·ened, heart·en·ing, heart·ens To give strength, courage, or hope to; encourage. See Synonyms at encourage. Adj. 1. statistical evidence of increasing efficiency of counter-e-ecrime strategies. The up-time of phishing sites dropping to 4 days from 4.5 days in November - and substantially down from 5.3 days in December This article or section needs sources or references that appear in reliable, third-party publications. Alone, primary sources and sources affiliated with the subject of this article are not sufficient for an accurate encyclopedia article. 2005. (New phish sites detected by APWG researches fell, meanwhile, from 37,439 in November to 28,531 during the month of December.) APWG Secretary General Peter Cassidy said, "In the context of thousands of servers out in the field deployed to phish consumers, getting them off line a whole half-day quicker is an important achievement in protecting consumers. Every hour gained in that effort means more consumers were protected from arriving at a phish site and being defrauded." The full text of the report is available at: http://www.antiphishing.org/reports/apwg_report_december_2006.pdf About the Anti-Phishing Working Group The Anti-Phishing Working Group (APWG) is an industry association focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing and crimeware. Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community and solutions providers. There are more than 1,500 companies and government agencies participating in the APWG and more than 2,500 members. The APWG's web site (http://www.antiphishing.org) offers the public and industry information about phishing and email fraud, including identification and promotion of pragmatic technical solutions that provide immediate protection. APWG's corporate sponsors include: 41st Parameter, 8e6 Technologies, AT&T (T), Able NV, ActivCard (ACTI ACTI Advanced Cleanup Technologies, Inc (Rancho Dominguez, CA) ACTI Advanced Computational Technology Initiative ACTI Advisory Committee on Technology Innovation ACTI Aircrew Coordination Training Instructor ), Adobe (ADBE ADBE Adobe Systems, Inc. (stock symbol) ), AhnLab, Aladdin Knowledge Systems Aladdin Knowledge Systems NASDAQ: ALDN is a company that provides solutions for software digital rights management and Internet security since 1985. Its corporate headquarters are located in Tel Aviv, Israel. (ALDN), Anakam, Anonymizer, BBN Technologies, BlueStreak, Brandimensions, Bsecure Technologies, Cisco (CSCO), Clear Search, Cloudmark, Comodo, Corillian (CORI), Cydelity, Cyveillance, DigitalEnvoy, DigitalResolve, Earthlink (ELNK), eBay/PayPal (EBAY), Entrust (ENTU), Experian, eEye Digital Security eEye Digital Security is a company that specialises in analysis and prevention of security vulnerabilities in software. Founded by Firas Bushnaq and Marc Maiffret in 1997, the company has been credited by Microsoft with bringing a number of security vulnerabilities to their , F-Secure, Grisoft, GeoTrust, GlobalSign, GoDaddy, ING Bank, Iconix, InternetIndentity, Internet Security Systems, IOvation, IS3, Kaspersky Labs, Lenos Software, LightSpeed Systems, MailFrontier, MailShell, MarkMonitor, McAfee (MFE), MasterCard, MessageLevel, Microsoft (MSFT), Mirapoint, MX Logic, NameProtect, National Australia Bank The National Australia Bank or NAB (ASX: NAB, LSE: NAB, NYSE: NAB, TYO: 8637 ) is part of the NAB Group. It is the largest bank in Australia by assets, and 28th largest in the world. (ASX ASX See: Australian Stock Exchange : NAB) Netcraft, NetStar, PassMark, Panda Software, Phoenix Technologies, Inc. (PTEC), Quova, RSA Security (RSAS), SAIC, SecureBrain, Secure Computing (SCUR), Sigaba, SOPHOS, SquareTrade, SurfControl, Symantec (SYMC), The 41st Parameter, Trek Blue, Trend Micro (TMIC), Tricerion, TriCipher, Tumbleweed Communications (TMWD), SurfControl (SRF SRF abbr. somatotropin-releasing factor .L), Vasco (VDSI), VeriSign (VRSN), Visa, Websense, Inc. (WBSN), WholeSecurity, Yahoo! (YHOO) and ZixCorp. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion