4/1/2011
03:03 PM
Dark Reading
Products and Releases

2010 Threats Year In Review: Toolkits Dominated The Cybercriminal Scene

The rise of toolkits turned nontechies into hackers

CUPERTINO, Calif., March 31, 2011 /PRNewswire/ -- Wannabe cybercriminals were able to execute attacks with impunity and relative ease thanks to toolkits, pre-written software programs designed to steal information, rendering 2010 "The Year of the Toolkit" according to Trend Micro threat researchers. Toolkits proliferated through mass social media sites like Twitter throughout the year.

"While [toolkits] have always been a part of the cybercrime underground, in 2010 they flourished and became an even bigger part of the overall threat landscape," stated Trend Micro's 2010 threat round-up report. "Toolkits allow cybercriminal attacks to be conducted with far less effort and time, the effects of which can be seen in the explosive growth of threats in 2010."

United States, India got spammed the most

The crackdown on Spamit operations in October 2010 led to a decline in spam between November and December, a time when holiday spam is usually on the rise.

While overall global spam volume decreased, the U.S. received the most spam with India coming in second, due to the country's growth in Internet usage and its use of English in most forms of formal communication. The countries that received the least amount of spam were Argentina and Israel.

Europe experienced the highest spike in spam, which was frequently written in Spanish and was mostly online casino and gambling themed due to the region's more lenient gambling regulations. And Russia, a country where sending spam is not yet a criminal offense, was the top spam generator during Q4 2010.

Most spam was pharmaceutical and health-care related

If you have an email account, chances are you received plenty of pharmaceutical and other health-related spam, which Trend Micro threat researchers said made up the majority of the spam tracked throughout the year. Throughout 2010, spammers also used email to disguise phishing and malware attacks that hit popular social networking sites, another hotbed for cybercriminals due to their prolific communities of users.

United States, China had the most malware infections

More than 80 percent of the top malware that caused the most infections in 2010 arrived via the web. The majority of malicious URLs and, consequently, victims of malware infections in 2010 were found in the U.S. and China. Russia was also a significant source of spam that contained embedded malicious URLs.

Mobile threats target different platforms, both old and new

During the summer of 2010, Trend Micro threat researchers discovered malware targeting the new Android OS and applications. By August 2010, DroidSMS appeared, a malicious application that sends text messages and is disguised as Windows Media Player. A week later, another application designed to send a user's GPS location via HTTP POST came to the scene.

Trend Micro also discovered other malware targeting older smartphone OSs like Symbian. Cybercriminals are always on the lookout for any form of monoculture to serve as a large base of possible targets for scams or malware attacks. For example, the growing popularity of Android OS in smartphones, along with the OS' open source code and vulnerable applications, has already contributed to an increase in attempts that target the OS.

Cloud-based protection from Trend Micro

The Trend Micro(TM) Smart Protection Network(TM) provides the infrastructure behind many Trend Micro products and delivers advanced protection from the cloud, blocking threats in real-time before they reach you. By the end of 2010, the Smart Protection Network was seeing 45 billion queries every 24 hours, blocking 5 billion threats and processing 3.2 terabytes of data on a daily basis. On average, 102 million users were connected to the cloud network each day.

The Smart Protection Network uses patent-pending "in-the-cloud correlation technology" with behavior analysis to correlate combinations of web, email and file threat activities to determine if they are malicious. By correlating the different components of a threat and continuously updating its threat databases, Trend Micro has the distinct advantage of being able to respond in real time, providing immediate and automatic cloud protection from email, file and web threats.

For the full threat report, please visit: http://us.trendmicro.com/us/trendwatch/research-and-analysis/threat-reports/index.html

About Trend Micro:

Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest web threats. Visit TrendWatch to learn more about the latest threats. Trend Micro's flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. Many of these solutions are powered by the Trend Micro Smart Protection Network, a next generation cloud-client content cloud security infrastructure designed to protect customers from web threats. A transnational company, with headquarters in Tokyo, Trend Micro's trusted security solutions are sold through its business partners worldwide. Please visit TrendMicro.com.
