Solutionary's SERT Q3 2012 Report: Malware Developers Become More Sophisticated
Solutionary's Security Engineering Research Team (SERT) recently issued its Q3 2012 quarterly research report. According to the study, malware developers are getting better and better at hiding their creations from antivirus software.
"Cybercriminals constantly form malware and attack methods to avoid security and obtain most gains from their target," Rob Krauss, Director of SERT, explained, as reported by Softpedia.com on September 6, 2012.
Of the mass-distributed malware we checked, 60% can easily get past anti-virus software when it is not working. Cybercriminals can send recipients fake emails that introduce malware into networks and computers at extraordinary rates.
The report also shows that brands such as the Better Business Bureau (BBB) and delivery companies like United Parcel Service (UPS) are still the most useful to cybercriminals as cover for their malicious campaigns.
Solutionary also found that 92% of the fake samples it examined from the last quarter were mass-distributed malware. The majority of the malware consisted of banking Trojans such as Zeus, Cridex and Gameover. In fact, the report found that, of the samples examined during the quarter, 91% of the banking Trojans belonged to the Cridex family.
Cridex attaches itself to the victim's system and tries to inject itself into various processes that are running at the time. Much like Zeus, Cridex has a configuration file listing the HTML pages and websites into which it can inject code. Cridex does not go after banking information alone: it can also harvest user credentials for social media sites and observe and manipulate cookies. The harvested data is saved to a file and sent back to a command-and-control server.
The last quarter also showed that earlier attack toolkits such as Stuxnet and Duqu ushered in a new world of cyber surveillance, and late May 2012 marked the discovery of Flame. Unlike its predecessor Stuxnet, Flame seems to have been written purely for espionage. Flame raised the bar for complex attack toolkits with a more modular design. The toolkit that followed, Gauss, was widely publicized. While Gauss lacked some of the sophistication of its predecessor, it continued the modular design and specifically targeted the Middle East region.
» SPAMfighter News - 13-10-2012