Lavasoft News - June 2007

Cyber Criminals: Savvy, Professional, and Organized

Malware goes mainstream.

Sound far-fetched?

Think service contracts, personalization, and upgrades. It’s all there. Suppliers of malware have become quite sophisticated in their offerings. Their motivation? Think one simple word: profits.

Malware suppliers have adopted many of the same business practices used by leading software providers. But they are going one step further. By embracing their competitors, malware suppliers are becoming more like a consortium in their ability to strategically deliver customized offerings, to tap into synergies, and, significantly, to share market intelligence.

Large enterprises may continue to be the most visible of the victims of cyber crime, but they are no longer its main focus. Small to medium-sized firms provide much more viable targets. But how do malware suppliers find the right targets?

One thing is for sure: they are not reinventing the wheel.

Malware suppliers are borrowing market research concepts and turning them into tools that can gather relevant information about potential targets. Armed with treasures such as browser version, operating system software, IP address, and level of security patch, malware writers have a ready end-user profile at hand.

The Internet Security Systems X-Force team at IBM, headed by Gunter Ollman has been actively researching the methods used by cyber criminals. In a recent Info World article, Ollman states that the most sophisticated of these cyber criminals are trading information such as IP addresses to ensure that their latest work is not discovered.

Though they may not have face-to-face meetings or send e-mail correspondence, these cyber criminals have other means of communicating with each other. Whether through chat rooms or bulletin boards, they collaborate in ways that help extend the reach of their malicious code.

There is strength in numbers.

As recently reported in Info World, McAfee’s latest research report shows that criminals are connecting in greater volume than ever before. Dave Marcus, a security research manager at McAfee’s Avert Labs believes that the criminals are doing a better job at communicating than the security industry itself.

Countries like Russia and China, which do not participate in worldwide groups that fight malware use, have become hotbeds for cyber criminals. With no shortage of outlets for the distribution of their malicious code, their activity is expected to flourish in 2007.

VoIP systems are expected to see an increased volume of threats, as are mobile devices like smart-phones. Threats in the form of phishing attacks, spyware, and mobile spam will become more commonplace.

What’s an end-user to do? Natalie Lambert, of Forrester Research, recommends using a multi-layer approach to safeguard yourself. Having a single security measure, such as an anti-virus program, is no longer enough and can’t protect against specific, targeted attacks, the type that are becoming de rigueur for sophisticated malware suppliers.

Home   arrow

Lavasoft recommends SpeedUpMyPC - Buy Now for $29.95
Computer users are safety savvy when it comes to understanding potential threats coming in through their e-mail inboxes, like phishing, viruses, and malware. Results from an E-mail Sender and Provider Coalition survey show that over 80 percent of users recognize and report spam through functions in their e-mail service. Yet, it only takes one e-mail user in 10,000 to buy something from a spammer to keep them in business.

Source: Network World
Term of the Month
RSS is a type of web feed format used to publish constantly updated web-based content like blogs and news feeds. RSS stands for Really Simple Syndication, and can also refer to Rich Site Summary or RDF Site Summary. RSS delivers information as an XML file called an RSS feed or webfeed. By subscribing to a website's RSS feed, new content from that site is retrieved and presented to the computer user through their feed reader or feed aggregator program.

Tech Tips
It can be difficult and time consuming to keep track of all the news available on the web. Sign up for RSS feeds to stay up-to-date with news from your favorite websites. RSS is a convenient way to distribute news, plus it allows you to control the amount of data you receive online and decrease your online traffic, saving you time by not having to visit individual sites. To use RSS feeds, simply choose an RSS reader tool and then load RSS feeds into your reader from the sites you are interested in.

Lavasoft's Company Blog and the News from Research blog have RSS feeds up and running. By subscribing to the News from Research blog, you will be notified whenever a new Definitions File is released.
Helpful Homepage
Stop is a "neighborhood watch" group dedicated to fighting badware - spyware, malware and deceptive adware. Educate yourself by reading their in-depth reports on applications and websites, or fight back by submitting your badware story to aid their clearinghouse effort.
Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg