Malware

Malware / Most Commented

CircleID’s Top 10 Posts of 2009

Looking back at the year that just ended, here are the top ten most popular news, blogs, and industry news on CircleID in 2009 based on the overall readership of the posts. Congratulations to all the participants whose posts reached top readership in 2009 and best wishes to the entire community in 2010. more

I Don’t Give Damn About My Bad Reputation - Joan Jett

Two friends of mine wrote pieces today about reputation, one about email, the other about real-life stuff. I think they are strangely, tangentially yet inextricably linked. Laura Atkins, email specialist and part-time meteorologist at Word to the Wise aggregated a series of posts about a storm gathering on the email front. Receivers and filter-makers are up in arms about the crappy mail streams they see coming to them from ESPs, email service companies providing sending services for clients of various pedigrees. more

Cyber Terrorism Is a Real Threat, and for the First Time Both Russia and the US Acknowledge It

Eugene Kaspersky, CEO and co-founder of Internet security giant Kaspersky Lab said last week that "terrorists could build a botnet that could bring down the entire Internet structure". Mr. Kaspersky ended his speech with the statement that "a global cyber police force, and global cooperation between law enforcement agencies and governments is needed". This goes very much in accordance with some of the conclusions in the Cyberspace Policy Review more

Online Drug Traffic and Registrar Policy

Last month I published an article called "What's Driving Spam and Domain Fraud? Illicit Drug Traffic" which explained how the many of the troublesome online crime issues are related to the online sale of narcotics and dodgy pharmaceuticals. Since this article was published we have witnessed one of the largest international law enforcement efforts against online drug traffic (Operation Pangea II)... more

Vietnam Primary Source of Spam in November

Vietnam is now responsible for more than 10% of the worlds spam, according to threat analysis from managed security firm, Network Box. November saw malware threat levels remain consistently high with Vietnam taking the number one spam spot from last month’s chart topper, Brazil. more

60 Minutes Investigates Cybersecurity and the Reality of Sabotaging Critical Infrastructure

CBS's 60 Minutes aired a special report last night investigating how hackers can get into the computer systems that run crucial elements of the world's infrastructure, such as the power grids, water works or even a nation's military arsenal. From the report: "At the Sandia National Laboratories, Department of Energy security specialists like John Mulder try to hack into computer systems of power and water companies, and other sensitive targets in order to figure out the best way to sabotage them. It's all done with the companies' permission in order to identify vulnerabilities. In one test, they simulated how they could have destroyed an oil refinery by sending out code that caused a crucial component to overheat." more

APWG: The Internet Has Never Been More Dangerous

Anti-Phishing Working Group (APWG) released its latest Phishing Activity Trends Report today warning that the number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement. "The number of hijacked brands ascended to an all-time high of 310 in March and remained, in historical context, at an elevated level to the close of the half in June," says the report. more

Latest Study Suggests Computers Remain Infected Far Longer Than Previously Suggested

Contrary to previous security reports suggesting compromised machines remain infected for 6 weeks, experts at Trend Micro say these estimates are far from accurate. In its recent blog post the company said: "During the analysis of approximately 100 million compromised IP addresses, we identified that half of all IP addresses were infected for at least 300 days. That percentage rises to eighty percent if the minimum time is reduced to a month." Additionally the study also indicates that while three quarter of the IP addresses were linked to consumer users, the remaining quarter belonged to enterprise users. more

Latvian ISP Closure Dents Cutwail Botnet ...for a Whole 48 Hours

From MessageLabs' latest report: "Real Host, an ISP based in Riga, Latvia was alleged to be linked to command-and-control servers for infected botnet computers, as well as being linked to malicious websites, phishing websites and 'rogue' anti-virus products. Real Host was disconnected by its upstream providers on 1 August 2009. The impact was immediately felt, where spam volumes dropped briefly by as much as 38% in the subsequent 48-hour period. Much of this spam was linked to the Cutwail botnet, currently one of the largest botnets and responsible for approximately 15-20% of all spam. Its activity levels fell by as much as 90% when Real Host was taken offline, but quickly recovered in a matter of days." more

Apparently Legitimate Estonian ISP Operating as Large Cybercrime Hub Since 2005

An apparently legitimate ISP in Tartu, Estonian is reported to have been serving as the operational headquarters of a large cybercrime network since 2005 according to TrendWatch, the security research arm of TrendMicro. "An Estonian company is actively administering a huge number of servers in numerous datacenters, which together form a network to commit cybercrime. It appears that the company from Tartu, Estonia controls everything from trying to lure Internet users to installing DNS changer Trojans by promising them special video content, and finally to exploiting victims' machines for fraud with the help of ads and fake virus infection warnings..." more

Are Phishing and Malware Separate Threats?

Phishing is when bad guys try to impersonate a trusted organization, so they can steal your credentials. Typically they'll send you a fake e-mail that appears to be from a bank, with a link to a fake website that also looks like the bank. Malware offers another more insidious way to steal your credentials, by running unwanted code on your computer... I like VeriSign's characterization of this kind of malware as an insecure endpoint, the PC which is the endpoint of the conversation with the bank isn't actually under the control of the person who's using it. more

Survey Suggests Strained Budgets Causing Security Cutbacks on Known Threats

A recent survey of security professionals by RSA Conference with regards to critical security threats and infrastructure issues currently faced, revealed budgetary constrains as the top challenge currently faced. According to reports, the study suggests that even though practitioners are most concerned about email phishing and securing mobile devices, technologies addressing these needs are at risk of being cut from IT budgets. 72% percent of respondents indicated a rise in email-borne malware and phishing attempts since Fall 2008, with 57% stating they have seen an increase in Web-borne malware. Concerns about zero-day attacks and rogue employees as a result of layoffs were cited by 28% and 26% of survey respondents, respectively. more

Malware Production Continues at Record-Setting Pace; 6000 Unique Pieces Per Day

Security researches report seeing as much unique malware in the first half of 2009 as seen in all of 2008. "This is quite something when you consider that in 2008 we saw the greatest ever growth in malware," says David Marcus of McAfee Avert Labs. More specifically, Marcus in a blog post writes that the numbers add up to an average of 200,000 unique pieces malware monthly or more than 6,000 a day. "Bear in mind these are malware we consider unique (something we had to write a driver for) and does not count all the other malware we detect generically or heuristically... When you add in the generic and heuristic detections the number becomes truly mind boggling," writes Marucs. more

Global Recession Appears to Have Also Hit the Malware Industry

According to reports by German software security company G Data, since the beginning of summer, the malware community appears to have been scaling back its activities. This considerable reduction is, according to the estimates of G Data security expert Ralf Benzmüller, not solely due to the forthcoming holiday season. The global recession appears to have also hit the eCrime economy. "This phenomenon emerges every year as something new. At the start of the holiday season, the number of malware programs falls. One reason for this is the worldwide onset of the travel season, which, based on experience, causes a drop in the number of active Internet users. However, this does not explain a collapse of more than 30 percent," says Ralf Benzmüller. more

Trojans Fastest Growing Category of Data-Stealing Malware

The Anti-Phishing Working Group (APWG) recently reported that the number of sites infecting PCs with password-stealing crimeware reached an all time high of 31,173 in December 2008 - an 827 percent increase from January. And according to a report just released by Trend Micro's Focus Report, 93 percent of data-stealing malware have been identified as Trojans in the first quarter of 2009. more