Home / News

New Ways Cybercriminals are Thwarting Security

M86 Security today released it’s bi-annual security report for the first half of 2010, highlighting the evolution of obfuscation through combined attacks. From the report: “This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for ‘covering their tracks’ are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language—built into Adobe flash—and JavaScript components on the webpage, they limit the effectiveness of many of the the proactive security detection mechanisms in place today.”

Malicious Spam Percentage (Jan-Jun, 2010) – Through the first half of 2010 malicious spam has hovered around 1% of total spam, although at times it has spiked to over 3%. The Pushdo botnet, and to a lesser extent Asprox, have been behind much of this activity.
Source: M86 Security Lab Report
The report says spam remains a major issue both for bandwidth as well as a malware vector. Key findings include:

• Of the 15 most exploited vulnerabilities observed, four involved Adobe Reader and five were for Internet Explorer.

• Most exploits were first reported more than a year ago and have been addressed by the software vendors, highlighting the need to keep software updated with the latest versions and patches.

• Advanced Persistent Threat attacks made headlines after being used against commercial organizations such as Google and Adobe.

• More Java-based vulnerabilities have been actively exploited, reflecting the exploits’ high “success rate” for attackers.

• Mass Website infections continue to be a huge problem, as attackers use botnet malware, such as Asprox, to carry out automated mass attacks.

• Anti-detection techniques proliferated as cybercriminals aim to stay under the radar as long as possible.

• Email is still a major attack vector, with botnets spamming out both malicious attachments, and blended threat campaigns that drive users to infected Websites.

• Total spam output remains extremely high, as the major spamming botnet operations continue to operate largely unimpeded. Just five botnets are responsible for 75% of all spam.

• Spam promoting pharmaceuticals constitutes 80% of all spam, reflecting the attractiveness of major spam affiliate programs such as Canadian Pharmacy.

• Spammers are using more diverse tactics, including malicious PDF attachments and HTML attachments that load malicious code.

• The controversy over Facebook privacy underscores the need to review privacy on these networks, as they are areas ripe for abuse.

Related Links:
M86 Security Labs
Latest M86 Security Labs Report Details New Ways Cybercriminals Are Thwarting Security

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Domain Names

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC