Cybercriminals Reinvent Methods of Malicious Attacks, According to Trend Micro Threat Roundup Report.Summary: Trend Micro Incorporated (TSE See Tokyo Stock Exchange. TSE 1. See Tokyo Stock Exchange (TSE). 2. See Toronto Stock Exchange (TSE). : 4704), a global leader in Internet content security, reported today that cybercriminals are not only leveraging new technologies to propagate prop·a·gate v. 1. To cause an organism to multiply or breed. 2. To breed offspring. 3. To transmit characteristics from one generation to another. 4. cybercrime cybercrime also known as computer crime Any use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. , but are also reinventing forms of social engineering to cleverly ensnare both consumers and businesses, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. the eC[pounds sterling]Trend Micro Threat Roundup and Forecast 1H 2008eC[yen] report. As a result, the last six months saw an upswing Upswing An upward turn in a security's price after a period of falling prices. in Web threats, but steady decreases in adware and spyware that are generated by outdated technical methods and can no longer compete with high-level security solutions. Trend Micro Incorporated (TSE: 4704), a global leader in Internet content security, reported today that cybercriminals are not only leveraging new technologies to propagate cybercrime, but are also reinventing forms of social engineering to cleverly ensnare both consumers and businesses, according to the eC[pounds sterling]Trend Micro Threat Roundup and Forecast 1H 2008eC[yen] report. As a result, the last six months saw an upswing in Web threats, but steady decreases in adware and spyware that are generated by outdated technical methods and can no longer compete with high-level security solutions. Exploiting human nature through social engineering and phishing techniquesWhile social engineering tactics such as the Nigerian phishing scam (SCSI Configured AutoMatically) A subset of Plug and Play that allows SCSI IDs to be changed by software rather than by flipping switches or changing jumpers. Both the SCSI host adapter and peripheral must support SCAM. See SCSI. and the Spanish prisoner scam have been around for decades, cybercriminals continue to refresh and modernize this standard form of trickery Trickery See also Cunning, Deceit, Humbuggery. Bunsby, Captain Jack trapped into marriage by landlady. [Br. Lit.: Dombey and Son] Camacho cheated of bride after lavish wedding preparations. [Span. Lit. based on whatever the trend appears to be. For example, the tools and technologies used to create the interactive nature of popular social networking sites A Web site that provides a virtual community for people interested in a particular subject or just to "hang out" together. Members create their own online "profile" with biographical data, pictures, likes, dislikes and any other information they choose to post. have become a land mine for cybercrime. In March, Trend Micro discovered that over 400 phishing kits designed to generate phishing sites were targeting top Web 2.0 sites (i.e. social networking See social networking site. social networking - social network , video sharing See video sharing site. and VoIP sites), free email service See Internet e-mail service. providers, banks and popular e-Commerce Web sites. Recently, a new form of phishing warned potential victims about phishing emails as a way to legitimize le·git·i·mize tr.v. le·git·i·mized, le·git·i·miz·ing, le·git·i·miz·es To legitimate. le·git that email and then tricked them into clicking on a link that leads to a fraudulent site. Spammers are also recycling old techniques. In February, Trend Micro investigated a voice phishing (aka eC[pounds sterling]vishingeC[yen]) attempt. The message appeared convincing, with all links leading to corresponding, legitimate target pages, but included a phony number for recipients to call to reactivate re·ac·ti·vate v. 1. To make active again. 2. To restore the ability to function or the effectiveness of. re·ac their account, which had been supposedly eC[pounds sterling]placed on hold.eC[yen] Upon calling the phone number, users were asked for their bank card number and PIN, unwittingly opening their bank accounts to the phishers. Developing malware for blended threatsMalware variants have generally been treated as separate individual threats. Today, profit-motivated Web threats blend various malicious software components into a singular Web threat business model. For example, a cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. criminal sends a message (spam) with an embedded link in the email (malicious URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. ) or contained in an instant message. The user clicks on the link and is redirected to a Web site where a file (Trojan) automatically downloads onto the usereCOs computer. The Trojan then downloads an additional file (spyware) that captures sensitive information, such as bank account numbers (spy-phishing). Although seemingly one incident, blended threats are much more difficult to combat and much more dangerous for the user. Exploiting new technologiesThe fast-flux technique is an additional example of criminals abusing technology developments. Fast-flux is a domain-name-server (DNS (Domain Name System) A system for converting host names and domain names into IP addresses on the Internet or on local networks that use the TCP/IP protocol. For example, when a Web site address is given to the DNS either by typing a URL in a browser or behind the ) switching mechanism that combines peer-to-peer networking See peer-to-peer network. , distributed command and control, Web-based load-balancing, and proxy redirection to hide phishing delivery sites. Fast-flux helps phishing sites stay up for longer periods to lure more victims. For example, researchers are challenged to identify malicious Storm domains because developers are using fast-flux techniques to evade detection. A spike in Web threats accompanied by a decline in adware and keyloggersTrend Micro witnessed a dramatic increase in Web threat activity during the first half of 2008. Web threats peaked in March to 50,000,000 from approximately 15,000,000 in December 2007. On the decline are adware, trackware, keyloggers and freeloaders. In March 2007, Trend Micro found that approximately 45 percent of PCs were infected by adware; by April 2008, only 35 percent were reportedly infected. In May 2007, approximately 20 percent of PCs were infected by trackware; that number has dropped to less than 5 percent in April 2008. Keyloggers also showed a small, but steady decline with less than 5 percent of PCs being infected (from over 5 percent in September 2007.) eC[pounds sterling]This is a good example of how cybercriminals are evolving with the times eCo theyeCOre moving away from threats that use old or waning technologies; instead, focusing on the lucrative threats that bring a bigger payload (1) Refers to the "actual data" in a packet or file minus all headers attached for transport and minus all descriptive meta-data. In a network packet, headers are appended to the payload for transport and then discarded at their destination. ,eC[yen] said Raimund Genes, chief technology officer of Trend Micro. Other notable findings from the report:- High-profile Web sites became highly targeted. In early January, several massive SQL injection SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not attacks were launched on thousands of Web pages belonging to Fortune 500 corporations, state government agencies and educational institutions.- Mobile threats are continuing to play a small part in the new threat landscape. In January, Trend Micro discovered malware disguised as a multimedia file that was used to infect older Nokia mobile phones.- With skill comes precision. Cybercriminals are increasingly targeting more affluent users, such as C-level executives who represent a small number of wealthy, high-level individuals in positions of power to gain access to larger bank accounts, login Signing in and gaining access to a network server, Web server or other computer system. The process (the noun) is a "login" or "logon," while the act of doing it (the verb) is to "log in" or to "log on. credentials, or even email addresses that span an entire organization.- Spam volumes decreased briefly at the beginning of 2008 eCo perhaps a post-holiday break for spammers. Volume spiked in March with a small slip in April. Whenever drops in spam activity occur, Trend Micro researchers interpret this as a sign that spammers are either regrouping to launch a new attack or testing new techniques. - Bots (compromised PCs) spiked from over 1,500,000 in January to over 3,500,000 in February. This was then followed by a dramatic drop in March. Six-Month ForecastAccording to research and observations of attacks that have occurred since the beginning of this year, Trend Micro researchers predict the following trends over the next six months:  Social engineering will remain a key attack method, with more sophisticated tricks evolving. Trend Micro expects cyber criminals to leverage events such as the Summer Olympics, back-to -school shopping, the U.S. election season, soccer and football events, and the holiday season in December.  Cybercriminals will continue to target newly discovered vulnerabilities in eC[pounds sterling]third-partyeC[yen] software applications, such as QuickTime, RealPlayer, Adobe Flash, etc. Crimeware that relies on technical methods that are becoming obsolete, such as dialers and keyloggers, will continue to slowly decline in number. Grayware such as trackware and browser hijackers will also slowly fall off in number as they cannot scale well in an era of million-member botnets. Spam volume will continue to rise exponentially with average daily spam volumes predicted to increase by 30- to 50- billion messages per day. Spam and phishing will rise in August to correspond with back-to-school activities and the Olympics. A seasonal spike is also expected in November to correspond with the holidays, with spam forecasted to reach 170 to 180 billion messages per day. As is occurring now, both spam and phishing will continue to play a part in blended threats. About 0.2 percenteCoone out of every 500 Web requestseCoare sent to Web sites hosted on infected PCs, and this trend is expected to continue.  Bots and botnets will continue to play an important part in the threat chain for spamming, information stealing, targeted attacks and large-scale attack campaigns. For a copy of the full report, go to http://us.trendmicro.com/us/threats/enterprise/security-library/threat-reports/index.html About Trend Micro:Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management A computer security approach in an organization that deals with all forms of unwanted intrusions, including attacks on computer systems, malware of all kinds and even spam. See computer security, malware, threat management and blended threat. technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Its flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. A transnational company, with headquarters in Tokyo, Trend MicroeCOs trusted security solutions are sold through its business partners worldwide. Please visit www.trendmicro.com. CopyrightA[umlaut umlaut (  m`lout) [Ger.,=transformed sound], in inflection, variation of vowels of the type of English man to men. ] 2008 Trend Micro Incorporated. All rights
reserved. Trend Micro, the Trend Micro t-ball logo are trademarks or
registered trademarks of Trend Micro, Incorporated. All other product or
company names may be trademarks or registered trademarks of their
owners.
A[umlaut] 2008 Al Bawaba (www.albawaba.com) A[umlaut] 2008 Al Bawaba (Albawaba.com) Provided by Syndigate.info an Albawaba.com company |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion