Nearly two billion people today use the Internet to conduct
business, communicate with family and friends, stay-in-touch with
current events and entertain themselves – and in doing so, expose
themselves to an extensive and growing number of malware threats,
according to a report released by IT management software and solutions
company CA Technologies. The company's "State of the Internet 2010: A
Report on the Ever-Changing Threat Landscape" provides a look at the
most prevalent threat activity in the first half of 2010 including the
emergence of organized “Crimeware-as-a-Service”, which CA researchers
said is fueling the rapid development of new threats.
Researchers identified more than 400 new families of threats--led by
rogue security software, downloaders and backdoors. Trojans were
found to be the most prevalent category of new threats, accounting for
73 percent of total threat infections reported around the world.
Importantly, 96 percent of Trojans found were components of an emerging
underground trend towards organized cybercrime, or
“Crimeware-as-a-Service.”
Also known as “scareware” or Fake AV, the first half of 2010 saw this
category of malware continue its dominance. Google became the preferred
target for distribution of rogue security software through Blackhat
SEO, which manipulates search results to favor links to infected
websites domains, according to the report. Rogue security software
displays bogus alerts following installation and coerce users to pay
for the fake product/service.
“Crimeware isn't new, but the extent to which a services model has now
been adopted is amazing,” said Don DeBolt, director of threat research
for Internet security at CA Technologies. “This new method of malware
distribution makes it more challenging to identify and remediate.
Fortunately, security professionals and developers are diligent about
staying one step ahead of these cyber criminals.”
Research revealed cyber criminals growing reliance on using cloud-based
Web services and applications to distribute their software.
Specifically, cyber criminals are using web and Internet applications
(like Google Apps), social media platforms (such as Facebook, YouTube,
Flickr, and Wordpress), online productivity suites (Apple iWorks,
Google Docs, and Microsoft Office Live), and real-time mobile web
services (like Twitter, Google Maps, and RSS Readers). For example,
recent malicious spam campaigns are posing as email notifications
targeting Twitter and YouTube users, luring targets to a click on
malicious links or visit compromised websites.
The company also recently observed viral activities and abusive
applications in popular social media services such as Twitter and
Facebook – the result of a strong marketing campaign in the underground
market. CA Technologies Internet Security observed a black market
evolving to develop and sell tools such as social networking bots.
The research found underground marketers promote new social networking
applications and services that include account checkers, wall posters,
wall likers, wall commenters, fan inviters, and friend adders. “These
new crimeware-as-a-service capabilities became evident as observed from
the latest Facebook viral attacks and abusive applications that are now
being widely reported,” the report noted.
The State of the Internet 2010 white paper provides industry insights
based on the extensive catalog of received and processed infections
reported by CA Technologies’ Internet security customers and partners
around the world in the first half of 2010.
