Vulnerabilities / Threats
8/19/2009
07:02 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Identity Theft Malware Surges 600%

Hard times appear to be one reason for the explosion of malicious software designed to steal sensitive personal and financial information.

The indictment of Albert Gonzales of Miami, Fla., for allegedly hacking into corporate computers and stealing more than 130 million credit and debit cards may not have much impact on the identity theft underground.

In the first half of 2009, the number of computer users affected by malware engineered to steal personal information has risen by 600% compared to the January through June period in 2008, according to PandaLabs, part of computer security company Panda Security. In quantitative terms, Panda reports identifying 391,406 computers infected with identity-theft malware in the first six months of the year.

Luis Corrons, technical director of PandaLabs, speculates that the global economic downturn and the thriving black market for credit and debit card numbers and online account information is driving the creation of so much identity stealing malware. He also notes that the distribution of identity-theft malware through social networks and services like Facebook and Twitter is on the rise.

Panda reports receiving more than 35,000 new malware samples -- viruses, worms, Trojans and the like -- every day. Trojan software designed to steal bank details, credit/debit card numbers, or online account login names and passwords represents 71% of this total. That's up from 51% in 2007.

Identity thieves are also seeking sensitive information through a more diverse set of targets. Where previously financial data thieves focused on spoofing online bank sites to dupe users into entering login information, they have recently been targeting a variety of services where payment account information may be stored or entered, like PayPal, Amazon, eBay, or charity sites.

The methods used to propagate identity theft malware have also become more diverse. Whereas e-mail used to be the primary medium for malware distribution, social sites have become a major attack vector, along with infected Web pages, SMS messages containing Web links, and spyware that attempts to convince users to pay for fake antivirus programs.

Acting U.S. Attorney Ralph J. Marra, Jr. said the indictment of Gonzales shows that law enforcement can track down even the most sophisticated global hacking conspiracies. Whether law enforcement can keep up with growth of the identity theft industry remains to be seen.

InformationWeek Analytics has published an independent analysis on data-loss prevention. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Changing Face of Identity Management
Mobility and cloud services are altering the concept of user identity. Here are some ways to keep up.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.