Trend Micro Uncovers Major Data Breach by SK Communications
In the Third Quarter Threat Report (Q3-2011) released by Trend Micro, the July 2011 data breach at SK Communications in South Korea, which affected at least 35 million users, is given particular prominence.
The incident took its toll on companies including Cyworld and NATE, subsidiaries of SK Communications, one of the most popular social networking, telecommunications, and instant-messaging service providers. Private information associated with e-mail addresses, user names, and contact details was stolen during the incident. Following the breach, SK Communications immediately sent out an advisory.
A week after the data breach, analysts at Trend Micro examined a piece of malware, BKDR_SOGU.A, which is believed to be the main cause of the incident. Analysis further revealed that the backdoor is able to access databases stored on infected systems in order to collect data. The malware also allows remote malicious users to send commands to the infected systems, thus breaching their security.
Apart from these findings, researchers at Trend Micro also observed a major shift from mass compromises to targeted attacks, particularly against large enterprises and government institutions. This research led them to reveal one of the most noteworthy groups of targeted attacks during the third quarter of 2011, the LURID downloader.
Trend Micro classified these malware attacks as advanced persistent threats (APTs) because they targeted major companies and institutions in over 60 countries, including Russia, Kazakhstan, and Ukraine. The attackers launched over 300 malware campaigns to obtain confidential data from various targets and to take complete control of the affected users' systems. LURID achieved this because of its innate characteristics. The report reveals that LURID compromised as many as 1,465 systems.
Finally, the report by Trend Micro also covered the most significant security attacks of Q3-2011, including the DroidDreamLight Android malware and the Justin Bieber video scam that affected LinkedIn users. It also noted a decline in such malicious incidents in the US, with the country losing its top spot on the list of top 10 spammers.
» SPAMfighter News - 23-11-2011