85% of Links Identified in Cyber Attacks Last Year Led to Hijacked Authentic Websites - Websense
Websense, a known security firm, recently published the 'Websense Security Labs 2014 Threat Report' stating the details of threats and trends marked last year (2013). The figures in the report confirm that 85% of the malicious links spotted in emails or web attacks during last year pointed towards authentic websites which were hijacked by cybercriminals. The report also confirms that hackers mostly attacked websites of business and economy, IT, shopping and travel houses.
3.3% of all spam messages contained malicious links with other malicious content, highlights the recently released report.
Websense stopped 1.8 billion of malicious redirects in 2013 and the company found four redirects per attack on an average with maximum 20 redirects in a single attack.
Regarding exploit kits, the report of security firm confirms around 67 million exploit kit events during 2013 with the Neutrino and Magnitude Exploit Kits experienced the biggest surge in adoption following the imprisonment of Paunch, creator of Blackhole.
As a result, 64 million dropper file events were identified and 30% of malevolent executable files were sampled containing custom encryption of C&C (command and control) communication or information exfiltration.
Moreover, security researchers of Websense observed that Zeus Trojan which was initially designed as a financial threat and key-logging malware, considerably augmented in use as it was repurposed for other upright markets. During last year, Zeus malware targeted government and communication industry along with financial firms among top five verticals. However, services and manufacturing sectors were the top two industries struck hardest by Zeus malware.
Darkreading.com published news on 4th April, 2014 quoting the comment of Charles Renert, Vice President of security research for Websense, on the abovementioned finding as "Cybercriminals continue to progress their planning of attack and execution to stay ahead of most existing security measures."
He added that there has been a boom in the activity of cybercriminals on a massive scale as the determined and persistent attackers continue to use zero-day exploits and advanced malware to succeed in attacks. Even these more ordinary forms of assault are effortlessly slipping past businesses without real-time defenses.
» SPAMfighter News - 12-04-2014