Home > PC Security, Tech News > Malware’s Journey 2010 – Protect yourself from Cybercriminals

Malware’s Journey 2010 – Protect yourself from Cybercriminals

January 9th, 2010

malware-imageMJ’s Death, Swine Flu, Windows 7, Chrome OS, Facebook, Twitter, iPhone, Conficker, Zeus, Avatar, the world was full of these stories in the year 2009. In 2010 it will be different. The major Antivirus Industries predict that the security threats and vulnerable attacks will be worse in 2010.

Adobe Acrobat and Adobe Flash will be leading the target competition by cybercriminals in 2010. Next big target will be the social networking sites like Facebook, Twitter, and MySpace etc. Microsoft predicts that Google new Chrome operating system is vulnerable to cyber attacks which are based on HTML 5 web based applications.

Malware’s new Face painting in 2010:

We saw newly created virus every few weeks and were focusing on that trending issues in troubleshooting during 2009. But in 2010 Malware will change its shape every few hours. Here are the few probably going-to-be-seen symptoms of Malware in 2010.malware-faces-2010

1. Financially Motivated Malware are to grow sharply in this year

2. Vulnerabilities in small software’s like shareware, free-ware, etc…

3. Malware may help steal information which is in-turn used for Ransom demands.

4. Hi-fi Technologies came up to hide from major Malware engines which increases effectiveness of the malware like encryption, Root-kits, code injection, polymorphic and ADS

5. Social Networking sites will be increasingly used as a distribution mechanism – Short URL’s and Spamming

6. Social Engineering Techniques will increase in 2010

7. Malware Research and Protection becomes more challenging

8. Botnets which sends Spam will be at the core of Malware threats in 2010.

9. Our traditional approach to find the Malware using File signatures and heuristic / behavioral capabilities are not enough to protect against latest threats.

10. An increase in attacks from Peer 2 Peer (P2P) and File Sharing Networks

11. Adobe Reader, Adobe Flash, Google Wave will get hit badly by the bad guys.

12. An increase in attacks on Compromised (Jail-Broken) iPhone, Smartphone and Android Mobile devices.

adobe-microsoft

Who Surpasses Who?

Cybercriminals are smart enough in finding loopholes in a product which are popular. Almost all the PC’s have Microsoft and Adobe Products. When the bad guys break the security of a product using the latest methods, the vendor will implement a patch to fix that. This year Adobe will take over Microsoft in Malware Attack 2010. McAfee predicts that Adobe Reader and Adobe Flash will be the No.1 target for the cyber criminals in 2010.

Microsoft’s Windows 7 OS should be safe this year as it has proved to be much safer. Also Microsoft free Security Essentials have proved its height in catching many rogue antivirus software.

Modern Malware Trend in 2010:

1. Several organizations(parties) Involved

2. Compromised sites used to distribute malware

3. Sophisticated malware attacks

4. Key-loggers and Trojans installed on machines to gain Network Access & Steal ID’s.

5. Trading secrets and credit card numbers

6. Root-kits being deployed that evade detection at the kernel level of the OS.

Top Malware’s infected some million PC’s in 2009:

W32/Koobface.Worm targets users of social networking sites. It sends messages to Facebook friends whose computer has already been infected. Koobface variant infected Facebook, Twitter and MySpace and it also download rogue antispyware to victim’s pc.

Zeus Botnets generally spreads through driven-by-downloads which targets social networking and gaming logins. Zeus has sent out more than 1.5 million phishing messages through Facebook.

Zeus steals user information by keystroke loggings. It has the capability to self destruct. 55% infected systems by Zeus Botnets had up-to-date Antivirus installed.

Conficker/W32 (aka Downadup, Kido) generates pseudo-random domain addresses on infected hosts. It disables Automatic Updates and Security Suite’s. Conficker auto spreads on USB’s by creating autorun.inf and also exploits MS08-067 vulnerability.

1. 5 million PC infected

2. $250k for finding the creators of Conficker

Conficker is a big bomb in the malware analysis in 2009 and will still continue its strategy without any significant payloads in 2010.

Rogue Security and fake Antimalware Products:

fake-rogue-software 1. It appears to the normal end user as a genuine security programs by providing fake scan reports

2. Created for Profit and information gathering and distributing to other source

3. These rogue apps are cloned easily to spread to multiple machines in various forms

4. It can be installed either manual or automatic with silent switch enabled.

5. So far more than 150 applications have been discovered

6. Leveraging Black-Hat SEO to boost site rankings

Microsoft has categorized more than 114 Fake Antivirus Softwares which got caught by Microsoft Security Essentials Antivirus Suite.

Also see the Rogue Software Anatomy from Panda Security.

Fake Email Alerts:

warning Real logos, well crafted email messages which will make us think it came from one of the top notch companies. Bad guys are always finding new ways in fooling a Novice user. The emails which are sent by them always contain malicious attachments which contain “call to action” triggering Trojan malware.

Examples of few Phishing Emails:

1. Phishing and Lottery Scam Emails

2. Credit balance over limit – Vodafone, Verizon, etc…

3. Package delivery from DHL, FEDEX, etc…

4. Congratulation for Winning Apple Macbook Pro, Windows 7

5. Patch notices from Adobe and Microsoft

6. Emails regarding password changes from Banks

7. A friend or a group invite message from Facebook and Twitter

Facebook and Twitter – Beware of this Beverages in 2010:

facebookAs an average surfer you will get an invite from your Facebook friends to start or play a game. That invite will appear attractive that will make you think that it may be a Farmville 2.0, but think thrice before you click it. Cyber criminal’s toolkits are evolving to use advanced technologies to increase the sophistication of the attacks, leaving the normal user blind to risks.

Major Internet Security Companies sees that users of Facebook are accepting invitations from unknown groups and events. If bad guys starts a Scam Group and send it across the network, without knowing who it is we will go ahead and accept it just for fake popularity. If you do so, your personal info will be on the Air. See this link where 133,000 members joined in a Facebook group finally found out to be a BIG SCAM.

Also an increase in Rogue Facebook Apps moves the user to install it in their account. So when you click “Yes” to “Do you want to allow this Application to access your Facebook account”, then you are providing all your personal data, wall info, pictures etc. to those application developers. Fake apps developers are finding new ways to make the user to install unauthorized apps.

In 2010 many scam and spam guys will send fake Facebook App request and friends request to your Emails. So I recommend you to install only the trusted ones within Facebook via Facebook Application Installer. Also do not accept any friends request which you don’t know as it may lead to risk of losing your information and pictures,etc…

twitter Twitter, with its 140 character leads the world in faster communication. Twitter becoming the Phisher’s best friend as it mostly uses URL Shortening service like Bit.ly and TinyURL’s. You never know where a shortened URL is actually sending you. We expect the URL Shortening service to use effective filter features when they redirect to the original links.

Phishing Information collected by Cybercriminals on a Single Day:

· Login info for 13677 Global accounts

· 3356 credit cards

· 255 PayPal account logins

· 1038 eBay account logins

· 93 bank of America online banking account logins

· 2609 Hotmail Email account logins

Malware compromises all financial transactions. Yes it is.! Of course that’s the main objective of the creators of the malware’s too. Here are the few things categorized for your attention.

Financial Data Theft
Identity Data Theft
Productivity Threats
CC Number

CVV Number

Expiration date

PIN number

Bank Account Logins

Unauthorized access to confidential information

Stolen user IDs and Passwords

Addresses

Social Security Number

Birth Date

Mother’s Maiden Name

Tax-ID Numbers

Network performance is gradually decreased including the bandwidth

Unwanted Internet traffic which comes and goes from your PC

Changes to the Internet Browser homepages and search engines

Conflicts between Applications and Malware which causes malfunctioning of the programs

Federal Deposit Insurance Corporation (FDIC) warned about the increase in the losses from unauthorized Electronic Fund Transfers (EFTs)

WashingtonPost website reports that in 4 months period 4.1 million credit card numbers are deposited into the phishing account. Plenty of workstations are compromised via non-zero day vulnerabilities.

Webroot’s Threat forecast for 2010:

Fake and Rogue Antimalware Apps (Antivirus 2009, malware Protector 2009, IE Defender, Antispy and the list goes on…) will increase drastically.

Blackhat SEO is against Search Engines TOS, which attempts to redirect search results to particular Rogue Antivirus websites to gain users to visit their website

Mobile device threats

Fake email alerts

Threats utilizing and targeting social networks.

AVG’s Threat Forecast for 2010:

AVG says that Security threats in 2010 will be nastier and more targeted and well organized as it is motivated for Money. It also says that in 2010 cybercriminals can create and deploy thousands of unique pieces of malware without any unique signatures which in-turn bypasses the signature-based antivirus software’s.

Trend Micro future threat report 2010:

Malware is changing its shape every few hours.
Drive-by infections tend to increase where the user visits the suspicious website one time is enough to get infected.
New sophisticated attacks will increase for Virtualization and Cloud Computing.
Bots cannot be knocked out anymore, and will be around forever in the World Wide Web.
Companies which have less security online and social networks will continue to be shaken by data breaches.

How to protect yourself from Virus and Spyware:

Keep your Windows up-to-date via Windows Updates.

Keep your Antivirus, Internet security, Antimalware Software up-to-date periodically.

Scanning USB’s, CD’s – Nothing comes in – goes out without undergoing in-depth scanning.

Avoid downloading any file from File sharing programs like Limewire and torrents downloads.

Any Archives (Zip, Rar, etc) need to be scanned before executed or opening.

Don’t click on any pop-ups alerting you for patch updates like adobe acrobat, java, flash player, active-x plug-ins, etc…

Don’t open any phishing or advertisement emails attachments from your Inbox.

Always have a backup of your data. Remember the old saying, Prevention is better than Cure.

Search Online in the search engines cautiously.

Beware of new plug-in downloads, updates to existing plug-in, new apps downloads, updates to existing apps – If you think it could be legitimate then go to the website of the vendor of the plug-in or applications and download it from there.

Use Link scanners like AVG and McAfee inside your browsers while surfing the Internet to find out which ones are good and which are bad.

Note: If I miss any points above, let me know in the comments section. It will get updated.

Finally What?

all-in-one-malware

Understand the risks and stay safer on the web. Browse cautiously, have a good security suite and stay protected.

If we better understand the threat, we can increase our chances of dealing with it.

Good Luck and have a very Happy Malware-Free New Year 2010 Ahead.

Your feedback is valuable to us and the public. Comment your thoughts about this Research Article and also don’t forget to share it across. Happy New Year 2010.

Comments Closed

  1. Remove Spyware
    June 23rd, 2010 at 19:51 | #1

    Thanks for your post. That helps me a lot.

  2. Google Secret Loophole
    June 29th, 2010 at 13:20 | #2

    well i think it is good site!

  3. remove ThinkPoint virus
    October 27th, 2010 at 13:33 | #3

    Protection from malware is every work:(

  4. remove Internet Antivirus 2011
    December 17th, 2010 at 15:49 | #4

    Your article and analysis is reall insightful! I really appreciate it!

Comments are closed.
Wordpress SEO Plugin by Wordpress SEO Plugin