Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:03 PM
Dark Reading
Dark Reading
Products and Releases

2010 Threats Year In Review: Toolkits Dominated The Cybercriminal Scene

The rise of toolkits turned nontechies into hackers

CUPERTINO, Calif., March 31, 2011/PRNewswire/ --Wannabecybercriminals were able to execute attacks with impunity and relative ease thanks to toolkits, pre-written software programs designed to steal information, rendering 2010 "The Year of the Toolkit" according to Trend Micro threat researchers. Toolkits proliferated through mass social media sites like Twitter throughout the year.

"While [toolkits] have always been a part of the cybercrime underground, in 2010 they flourished and became an even bigger part of the overall threat landscape," stated Trend Micro's 2010 threat round-up report. "Toolkits allow cybercriminal attacks to be conducted with far less effort and time, the effects of which can be seen in the explosive growth of threats in 2010."

United States, India got spammed the most

The crackdown of Spamit operations in October 2010 led to a decline in spam between November-December, a time when holiday spam is usually on the rise.

While overall global spam volume decreased, the U.S. received the most spam with India coming in second, due to the country's growth in Internet usage and its use of English in most forms of formal communication. The countries that received the least amount of spam were Argentina and Israel.

Europe experienced the highest spike in spam, frequently written in Spanish and most of which were online casino and gambling themed due to the region's more lenient gambling regulations. And Russia, a country where sending spam is not yet a criminal offense, was the top spam generator during Q4 2010.

Most spam were pharmaceutical and health-care related

If you have an email account, chances are you received plenty of pharmaceutical and other health-related spam, which Trend Micro threat researchers said made up the majority of the spam tracked throughout the year. Throughout 2010, spammers also used email to disguise phishing and malware attacks that hit popular social networking sites, another hotbed for cybercriminals due its prolific communities of users.

United States, China had the most malware infections

More than 80 percent of the top malware that caused the most infections in 2010 arrived via the web. The majority of malicious URLs and, consequently, victims of malware infections in 2010 were found in the U.S. and China. Russia was also a significant source of spam that contained embedded malicious URLs.

Mobile threats target different platforms, both old and new

During the summer of 2010, Trend Micro threat researchers discovered malware targeting the new Android OS and applications. By August 2010, the DroidSMS appeared, a malicious text message sending an application disguised as Windows Media Player. A week later, another application designed to send a user's GPS location via HTTP POST came to the scene.

Trend Micro also discovered other malware targeting older smartphone OSs like Symbian. Cybercriminals are always on the lookout for any form of monoculture to serve as a large base of possible targets for scams or malware attacks. For example, the growing popularity of Android OS in smartphones, along with the OS' open source code and vulnerable applications, has already contributed to an increase in attempts that target the OS.

Cloud-based protection from Trend Micro

The Trend Micro(TM) Smart Protection Network(TM) provides the infrastructure behind many Trend Micro products and delivers advanced protection from the cloud, blocking threats in real-time before they reach you. By the end of 2010, the Smart Protection Network was seeing 45 billion queries every 24 hours, blocking 5 billion threats and processing 3.2 terabytes of data on a daily basis. On average, 102 million users were connected to the cloud network each day.

The Smart Protection Network uses patent-pending "in-the-cloud correlation technology" with behavior analysis to correlate combinations of web, email and file threat activities to determine if they are malicious. By correlating the different components of a threat and continuously updating its threat databases, Trend Micro has the distinct advantage of being able to respond in real time, providing immediate and automatic cloud protection from email, file and web threats.

For the full threat report, please visit:http://us.trendmicro.com/us/trendwatch/research-and-analysis/threat-reports/index.html

About Trend Micro:

Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest web threats. Visit TrendWatch to learn more about the latest threats. Trend Micro's flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. Many of these solutions are powered by the Trend Micro Smart Protection Network, a next generation cloud-client content cloud security infrastructure designed to protect customers from web threats. A transnational company, with headquarters in Tokyo, Trend Micro's trusted security solutions are sold through its business partners worldwide. Please visit TrendMicro.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-12
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the QueryComponentRendererValue!Default.jspa endpoint. The affected versions are before version 8.5.13, from version 8.6.0 before 8.13.5, and fro...
PUBLISHED: 2021-05-11
In the Linux kernel 5.11 through 5.12.2, isotp_setsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. (This does not affect earlier versions that lack CAN ISOTP SF_BROADCAST support.)
PUBLISHED: 2021-05-11
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to...
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to ...
PUBLISHED: 2021-05-11
A flaw was found in ImageMagick in versions before 7.0.11, where a division by zero ConvertXYZToJzazbz() of MagickCore/colorspace.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this...