In the US, the activities of two international cybercrime groups that made money from fake antivirus programs were terminated. According to preliminary estimates, the damage caused by the groups amounted to $74 million. In addition to US agencies, the operation to shut down these groups involved law enforcement agencies from another 11 countries. About 600 people suspected of implementing fraudulent online schemes were arrested in several Southeast Asian countries.
In June, cybercriminals used Amazon’s cloud to host and distribute malware that targeted Brazilian users and was designed to steal data from customers of nine Brazilian banks. To improve its chances of success, the malware blocked the normal operation of AV programs and special plug-ins that are supposed to make online banking secure. The malware also stole digital certificates and Microsoft Live Messenger credentials.
Russian scammers tried their luck at making money for nothing in June using the BitCoins virtual money system. With the help of new malicious programs they launched a legitimate BitCoins file on the victim computer in an attempt to generate the cyber currency in their own accounts. The BitCoins site administration reacted quickly to block the attacker’s account, so the cybercriminals appear to have made very little money.
June also saw cybercriminals distributing a new backdoor – Backdoor.OSX.Olyx.a – designed to provide attackers with remote control of victim machines. This enabled them to use infected computers to download more malware, launch programs and send commands to an interpreter for execution.
In June, over 200 million network attacks were blocked, 68 million web-borne infections prevented, and 200 million malicious programs detected. The Top 20 malicious programs on the Internet in June included a large number of new entries. Once again it was dominated by malware that makes use of drive-by attacks: redirectors, script downloaders and exploits. These made up 14 of the 20 places in this rating. One of the more notable new entries this month was Exploit.HTML.CVE-2010-4452.bc, which uses a straightforward vulnerability in Java Runtime Environment to download and launch a Java exploit. This in turn allowed other malicious programs to be installed on the victim computer.
Details of the IT threats detected by Kaspersky Lab on the Internet and on users' computers in June 2011 are available at: http://www.securelist.com.
Kaspersky Lab Newsroom
Kaspersky Lab has launched a new online newsroom, Kaspersky Lab Newsroom Europe (http://newsroom.kaspersky.eu/en), for journalists throughout Europe. The newsroom is specifically designed to serve many of the media’s most common requests, making it easier for journalists to find product and corporate information, facts and figures, editorial copy, images, videos and audio files, as well as details about the appropriate PR contacts.
About Kaspersky Lab
Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world’s top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry’s fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky' technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at www.kaspersky.co.uk. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit http://www.securelist.com.