Saturday, February 25, 2012

APWG Report: Crimeware and Crimeware-Spreading Website Numbers Soar in Q1.

Stats Show Redoubled Effort by Criminal Enterprises to Infect PCs with Crimeware

LOS ALTOS, Calif. & CAMBRIDGE, Mass. -- The APWG announced today that its first quarter survey reveals a near doubling of the number of crimeware-spreading URLs at the end of the period, up from the previous record of 3500 detected crimeware-spreading website addresses.

The APWG reported that 6500 crimeware-spreading URLs established to infect PCs with password-stealing programs were detected in March, up 93 percent from 3362 in January - and an increase of 337 percent from the number detected at the end of Q1, 2007. The increase in crimeware-spreading URLs represents an increase of nearly 86 percent from the previous record of 3500 in November, 2007.

Websense Chief Technology Officer and APWG Phishing Activity Trends Report contributing analyst Dan Hubbard said that this rise can be attributed to the increase in mass SQL injection attacks that have been on the rise this year and have contributed to the number of compromised servers hosting and spreading crimeware. Discussions of those attacks can be found here: http://securitylabs.websense.com/content/Alerts/3070.aspx

Criminal hackers have apparently redoubled their efforts to develop new techniques to bypass security measures taken by consumers and enterprises, creating new programs to evade anti-malware filters before they can be updated with fingerprints of the most recently minted crimeware. The number of unique keyloggers (applications often crafted into crimeware to intercept consumers' online user credentials for abuse by criminal organizations) detected during the period rose steadily, ending at 430. This is an all-time record, some 18 percent greater than the number recorded in the previous record month of January, 2008, when 364 unique malicious applications were detected.

Unique brand-domain pairs - the number of domains being used to target a specific brand by hosting URLs in phishing attacks - rose steadily throughout the sampling period from January through March, increasing from 6682 to 7584.

John LaCour, CISSP, Director of AntiPhishing Solutions at MarkMonitor and an APWG Phishing Activity Trends Report contributing analyst said, "While the number of unique URLs declined by nearly a third due to lower Rock [phishing gang] phish activity, the actual number of attacks as measured by a combination of brand and phishing domain names increased 11%. This indicates that traditional phishing is as strong as ever and increasing."

Crimeware and criminal abuse of network resources will be one of the principal foci at this year's APWG General Members Meeting and eCrime Researchers Summit to be held in Atlanta on October 14, 15 and 16. MarkMonitor, Afilias and IEEE's Standards Association are conference week sponsors. More information and a draft agenda are available here: http://www.antiphishing.org/events/2008_generalMeeting.html

The full text of the Q1 2008 Phishing Activity Trends report is available here: http://www.antiphishing.org/reports/apwg_report_Q1_2008.pdf

APWG has redrafted its APWG Phishing Activity Trends Report in a quarterly format to allow time for more comprehensive trend analysis. The APWG will be adding metrics in the quarters to come in order to measure with broader relevance all the dimensions of electronic crime on the Internet.

About the APWG: The APWG, founded as the Anti-Phishing Working Group in 2003, is an industry, law enforcement and government coalition focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing, and crimeware. Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community and solutions providers. There are more than 1,800 companies and government agencies worldwide participating in the APWG and more than 3,200 members. The APWG's Web site (www.antiphishing.org) offers the public and industry information about phishing and email fraud, including identification and promotion of pragmatic technical solutions that provide immediate protection. APWG's corporate sponsors include: 8e6 Technologies, AT&T (T), Able NV, Afilias Ltd., AhnLab, BillMeLater, BBN Technologies, BlueStreak, BrandMail, BrandProtect, Bsecure Technologies, Cisco (CSCO), Clear Search, Cloudmark, Cydelity, Cyveillance, DigiCert, DigitalEnvoy, DigitalResolve, Digital River, Earthlink (ELNK), eBay/PayPal (EBAY), Entrust (ENTU), Experian, eEye, Fortinet, FraudWatch International, FrontPorch, F-Secure, Goodmail Systems, Grisoft, GeoTrust, GlobalSign, GoDaddy, Goodmail Systems, GuardID Systems, HomeAway, IronPort, HitachiJoHo, ING Bank, Iconix, Internet Identity, Internet Security Systems, IOvation, IS3, IT Matrix, Kaspersky Labs, Lenos Software, LightSpeed Systems, MailFrontier, MailShell, MarkMonitor, McAfee (MFE), MasterCard, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, MySpace (NWS), MyPW, MX Logic, NameProtect, National Australia Bank (ASX: NAB), Netcraft, NetStar, Network Solutions, Panda Software, Phoenix Technologies Inc. (PTEC), Phorm, SalesForce, Radialpoint, RSA Security (EMC), SecureBrain, Secure Computing (SCUR), S21sec, Sigaba, SoftForum, SOPHOS, SquareTrade, SurfControl, Symantec (SYMC), TDS Telecom, Telefonica (TEF), Trend Micro (TMIC), Tricerion, TriCipher, TrustedID, Tumbleweed Communications (TMWD), SurfControl (SRF.L), Vasco (VDSI), VeriSign (VRSN), Visa, Websense Inc. (WBSN) and Yahoo! (YHOO).
