Crimeware-as-a-Service Fueling The Growth of New Threats

CA Technologies has recently released its report on the ever changing threat landscape of the internet naming, State of the Internet 2010. This report presents a thorough analysis of the most widespread threat activity in H1-2010. The report highlights the emergence of organized "Crimeware-as-a-Service" that is propelling the rapid development of complicated new e- threats.

According to the new report from CA Technologies, security researchers have identified over 400 new families of malicious threats in H1- 2010.

With around 73% of total threat infections identified across the globe, computer Trojans accounted for the most prevalent category of new threats. Significantly, around 96% of computer Trojans identified were constituents of "Crimeware-as-a-Service."

As per the report, information stealers were the most widespread computer Trojan families with 47% rate of the total identified during the first half of 2010. On the other hand, threats carried out by organized cybercrooks showed an extensive occurence of Win32/Zbot, Win32/Spyeye, Win32/Bancos, and Win32/ Banker, and Win32/Gamepass. These are the renowned- families of threats that attack web users and steals personal information such as login details, online transaction details and information about online games.

Commenting on the whole issue, Don DeBolt, Director of Threat Research at Internet Security, CA Technologies said, that Crimeware was not something new to the web world, but the level to which a services model had now been adopted was astounding. This new technique of malware propagation made it more difficult to identify and fix. Luckily, security experts and developers were careful about staying ahead of these cybercrooks," as reported by echannelline on October 5, 2010.

Furthermore, leading off from a stable surge in popularity of rogue security software from preceding years, first half of 2010 also witnessed the dominance of this category of malware. Google, the most famous search engine became an attractive target for organized cybercrooks to circulate rogue security software. Besides, Twitter, Facebook, and YouTube were used to circulate FAKE AV in the first half of 2010.

According to the report, Blackhat SEO (search engine optimization) was the most prevalent technique of circulating rogue security software in H1- 2010. Majority of the rogue security software online propagations are embedded on domains that include trending keywords. Generally, these domains are infected websites controlled by automated Blackhat SEO bots.

Related article: Crimeware Server Containing Stolen Data found in Argentina

» SPAMfighter News - 10/12/2010