Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Criminals Increasingly Blend IT Threats



 By: Matt Hines
2006-07-07
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
New research indicates that cyber-criminals are more frequently attempting to integrate multiple forms of attacks to boost their returns and build detailed profiles of the people they aim to rip off.

Security researchers at software maker MessageLabs contend that malware writers, hackers and other cyber-criminals are combining multiple forms of IT threats in an attempt to amplify their efforts.

In the companys latest IT security intelligence report, MessageLabs experts said that criminals are converging their attacks across multiple communications channels, such as e-mail, instant messaging networks and Web sites, and are also pulling together information-gathering techniques, including spyware, spam and phishing schemes, as they seek new ways to menace businesses and consumers.

As businesses and home users have become increasingly savvy about traditional threats delivered via e-mail attachments, criminals are finding new ways to lure end users to consume their attacks, according to the report. Researchers specifically cited a growth in the number of threats that use spam e-mail messages or IMs to distribute links to Web sites where malware or spyware is secretly downloaded to end users computers.

Criminals are also using data garnered from PCs already infected with their botnet virus code to refine their other spam and spyware efforts, said Paul Wood, senior analyst with New York-based MessageLabs. At the end of the day attackers are using any means they can find to build more detailed profiles of individuals in the name of committing identity theft or other forms of fraud against them, he said.

Resource Library:

"As a consequence of businesses more closely watching and filtering e-mail, cyber-criminals are looking for other ways to defeat perimeter defenses and creating much smaller-scale attacks aimed at more targeted audiences," said Wood. "There are fewer attacks delivered via attachments, but far more phishing-like schemes that lure people to malicious Web sites; the HTTP protocol still isnt locked down at most businesses."

A perfect example of the trend toward converged attacks can be found in a newly discovered threat aimed directly at users of eBays PayPal online payment site. The attack uses a phishing e-mail in an attempt to persuade PayPal customers to call a phony customer service call center where they are asked to disclose personal information including their credit card details by an automated voice system.

Click here to read more about the PayPal phishing scam.

Using other common forms of converged attacks, criminals are creating Web sites that distribute small "dropper" malware files that secretly infiltrate PCs and later deliver larger Trojan viruses. Botnet operators are also becoming more sophisticated, using spyware loaded onto the machines they control to garner personal information that can be used to help target other attacks, MessageLabs said.

"The Botnet operators are analyzing behavior and harvesting as much information as they can about each computer, then using that information to target attacks based on the banks or other companies you actually do business with," Wood said. "The information that is acquired is being used to create very specific attacks, and it is being sold to other criminals."

MessageLabs said that during the month of June, the ratio of e-mails it tracked that were carrying viruses actually decreased by 0.5 percent, compared with May. However, the company indicated that there has been a noticeable increase in the number of highly targeted Trojan attacks it has charted, specifically those designed to steal intellectual property from businesses, with approximately one such threat arriving per day, compared with one or two per week during the same period in 2005.

The number of phishing attacks discovered by MessageLabs also decreased slightly in June, dropping by 0.12 percent compared with the previous month, but the proportion of all e-mail-borne threats that contained phishing schemes rose to 18.6 percent, compared with only 12.1 percent of all malicious e-mails in May.

The report contends that spammers also continue to become more sophisticated in refining their attacks. MessageLabs said that criminals are turning to new mediums such as mobile text messaging, Web-based instant messaging, blogs and social networking communities such as MySpace.com to bypass e-mail-based anti-spam measures and more effectively target recipients.

The company said that 64.8 percent of all worldwide e-mail traffic consisted of spam in June, representing a 6.9 percent increase over Mays totals.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.



  Reader Comments: Criminals Increasingly Blend IT Threats
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Matt Hines
 


x}kw6DىCoٖۚ-nOg$!)Jvr[/=(ɏNg-`U* w~ IMKלٔO\Sã}$5]2q=*_rdz&9%G jT7R}f]S kkL|Nშ :':@.Sk4Z535Gԗoˏ~e0-ZIa6)֐NմmZ P8$H.( Ѧwm<"a}C $aD?$5CUVekV6^;s9ȹ׳z$fRvGn(Gd`jI:@*"46S!p55\`p)jPX6tG,> H>!P;uIV@daSO*! lpa+j)y'Ç uȭB ¿{k׳߂ݸy1̳ߌ`E-"'l,R ?q7uLaH&5\O, "c9ˡ,ftg0eȆ}wRM*QR,הbY}m˙=Z8ӼN~3t/iR^ϯs$(֝;` mKIu]+h5M9둫Χ;yи}  d}+5UJ`Z. G$_c::fv}j_"ty[nkMюR=2,gfVҐ gUUj,qT~6zvEzv l,aR422V,]鮘ȏAժ}uڹ풳 9m}j ݙGd@M Wh2s N/z O{uH8=|kh2`cRZIjgdN;'-2dp"˧S0omYn]H.)ލT|Y|ěy30si2)ߦI&@w[@+UkoU:^T7o`2 &4 ?g}=w za4zAu&:h)5?&9gMab&DJH7є6)`I˪ TI%嗋mQu3 .)J!"x^3E !\J!]! g|8Jn.b? [˚&feٜ҅%]WaMoQ#L .uFVuJםn?]LqJjpX.B2iKB0.pjۛZ\M獯fzTb(7ZdL,5,OR7PA^?ςIutOG|BMk6tI< EC#ɠ:ڴ\Vc4!D&MЀ`Ah>[W <{  0&ԟsZ LP#wC۠h&r=kIׇ.[?? { G`p\&{ xk=`DMWtC` V< 2/?>axş݀P}-{&`sDoe93(SJdN˕ }*@H>'hI#r Bг1,`@o%`9`P􎄰R1iJlRi wRTD;7 KŔ=*%nqR%a 934YIjL=?j1!UG,D`v9J,L.Y ϴje[+R,4T(9 t+ZIQ Q#U^?])x[L9 =p `M?bn;N1%]&^>95Z ->MG {D&f+Lo_>L>hQox@6}=weٌi8A0>A̞P,j\p>q|}I8%/5+8dp? X*ܼ? b>Ȝ 8C_gM Yh(d'pC!f4Sy%ew{RgaE8F2b5k%ӇnS/|K؝P48'')N`sW|]Ө5@ӬXKuooE[1(ĿKúJjp -Ho` koռE_xue8HiK-#rB`}.E6GQ4lJ Ւxڇ]{gOEMݱ~[*+nc#SOodV-iV9ҴZZ,<>kp6X"@@7wL)mT.mT^gΧމ;i6E;܎ӧ_tgMH NǮXct+@Zl&VUmTHbzq 0b=ћO9pJ.,]{>Z],-*g5eGjJ k8&ME8` ;fkxF3FԡeSPݷ:¿ R Dw֐~3KJAUcϓas@M$ knV2 &GmܡkC6euEsƱ4St%ri9h& gրziDe˜,Za' #ؚðyU_ySmG3;䆻!`P#f:qV*w[O;$!WTͶwAQ xH1kM8vهE1G{E;= :7a/)epIl_\À>B SL@ΧrE\ ~1~1UŠP=I ]gw`u0$_VT!rB3]?w2_!挮~{t!VBLQQT*8+ :?CUQ@HSj}w88>΁xm/?1Yo>+>k{]w+\s~g^l^cv"O`V$O,p2HU[}`/cҧ8@zU0UESUG+;+]>F]h!.~1X@P A6+8SӞ-5Z,Y~B)'؁-_k9 S! ,r޹m?QeW᧘TVQqiϹu<|[\[S Q|l8`Ȍ)ĨuUԪ}g:z/R.E׌u0ȀN{Wlȡ2p_C܏Sܷ V}uP@&̳iLZԼ *oᄻ,p{S+)~XD4Watx/ N$8У4 HsԳ)AD & /jh_tUM+%Pm2YhSYpg#HٚIuu}l,On?jTSc\O u<@nͦ?,YEn;&}+琩ksC/)ɹ%wA֮NZPn3i`$ezTxY3GGu"M."́08h#2"07$pkj fS))r*H+ů 3Fˁ; _g.lL4>J>hG2cdQ hVz\ 4g2<]c>o 4yQFkoZ,+eeH/) JU-A^Mo6=ITPGQ>8yIc#&ahxmb=Z"FR6 JzϢ C:-[& veN6qa?͕g7ckX?"B5) 0u%hzGSYqza\/n/$h ^1Mu0@ЧlJwѼZC8fGS=u(I,+o*MƱn@uztS6dUsVB gI; #&8=._Ewe2qyh7(۞jMi@h#&w|}}Nr@*5]*{_ sK4G\0R,W1<ʢ'rUN6._-JV(YHX9H(PK Yx[!6Es=a?vq-<92=QZaǰ^P(k㘘ٿ~Ԫۣ)bn}+ =|QtW%}w>:W=yپ|L8q~_w8u;WA{Q~Z>kq O4 }Ej_qHJGV%t>^J?eF&fB, F8oHŸ}/gvnK7mu #4-odhD4|u.IsOUKJ:\w9" 5/YF>9h5oÏOM1k0vhR`QfjmX#aLFD!B2. g^|%V}Xhr!slP6h4lC/Q֭ Bf/3bB!|J'G=;SL&SQ([4wiQ-uyjtJ1SBu?y{d o&<)sǣAg伅)nQW{20)}_?H/K㆟ycPXSω%٘NFBEWU-u*ln rYpJUWVr{ѩc+N c,n%P2Y;pOҠcÙc}d<ݸw[f1vf GPc{~}I.e~W(TR=/bO$J骇\%(]MT--^\RK>\+U@< b]_I{Oz[N Ȧ7S'cef7XCŸA!{ze&}Xs?4hg `zc{ƹ39adOB%[euw+[S'gSc;/HF#%oOSϱ6mG @|Ր;as*|b \<e W_M·⎭zgQ$G IV_NLRGzQ%F}?^cϗ4t0a8Y&?6#l, ebYQa.zş:8?z9/m_Rqd6uF,x` ^ѧ_2RCoT/NbQy^9CLc? WJ3ƚ/BӉo[!t9qX])j5&G5aOAspNu5fT4DeiE#wO̓VKgt?Kx7X2Jn/aDT]Gl4,8[P gY$plR`!6:YQm'1bz:|~q ]]%V4dx.[ YMh T gikNSuL'C1QU(b[3" */7U&w,V b'M$HJ^I?ytER^\Vk{i܂vJ ~;UڑV*j.]cE 3'wyV7iIFn~@ Tf &MO cFחuzASgY,VD\`$%bC`4XiOf‹3DB&K@ZfcͲ/OŖ,4OxZ_<ݩWܹJlgXz˙FљzIG=$l z=+. v Ǯu?B{|\bI &|QH`I$p3JYHi֔LpƖow_Zx)JYR*1 ў5q$Bʀ]DM|C:0@JQ-- ?'q$@>?y c=><-klS$UڶLQxq Rӄ`KTl$iBV`(@I '+q~3uqs)Dh<'[y[~+8anr{Ndԕ0&,cʮĒB$ a I$A=hq>#8t Id24掳0+8u:e`ZOt2Pg{*Ⱨ.a("q0plN6v;[Nn6&dtzU|00N` pCv$An7vIJu[+GU>6s CQRX62*,t5Mv-*")u2-vkHx@Y|a4}b YGW<\B`LOIi|`MUiu"@8DhrM;}9+v@nR{KVx1.,GT ,F b<NDO^x a ݒ^̉/%)Fdd$iݑsVwIгp$|1n].I@Aω- }=L:Jx[ۋ9q['[YDP0{*u01nc*iizLƭG<:*I$ IdtnA4b[{x̒nH.],P @MV Au0]xzkIg!HYcо? 5BBD.k+k0 |AxK;mAbEa !EܟHůt_g#|Q~1'jrP~%\Dh@L\oӼɲ' pW!|M$=QpaVz5^ :wI.-7?W-x Y a+AeNږI1w<71Jg1:-&BqB27bXK;hU!J6| B&]?!Bd0,6-mk?b4 2 T߮g3ZIuXTnU!eon-ې.ܑu }I^ډş-ok{6\Ȗq;mk")_|q]yҿ9MR0!^B $l߼{!۩ì)m#l(M#ۀږձh(JSW_~)F^E[6bĽKfycvN{Mܷc=8y{¡YKj|ubM޸$t86/K 'Ɉ&e?w}R'{2(PGQL?}r闶U0s_ݷ8=n̫ڴd=I^F ÒʋFP ђ,#;ЋgRd3ˣ !̈ОOtsf1ߙ N]A٫ű?yxQ_(Z@ln^g+h5V9T'ns| =5WnnĽlIcd|=ĭnX 3,K?#", K=M).aa :6M݅W}z@~RJ~~/`MNp^xQ)LE| 7V8E-96i[>K4>(C^PB^ݙ’KM=1I.u9ꊚbMp@.~UZC O]c)Iˋ}AE!Lje3)Mt{ 0?i"ΩTh,ZNx%]ȥkc.ZE%>% Zk^YR+ȈzaltOƌWaGSj9椷 GTGXJ9RM` obTy N] g>)fFllz^C `5olz^C캻M` oK.қ≠D37:Vs;w"n@1O΍p'Fc,2hz2n-&~iXx>H'*t=jh܇DJd mcP)ϑVPJj\={(9q7=yjUS*ZYQ#(f벻YT^?xivGBO .kXGl7̋1K%XStϞNGp]X2rrO}TK;TI`o3_w_q0&ALr|w\׻5:v tPĸ/K5]KjL_"|t2O&3'`(8N1V}h+VzK"?{|Qfـj#E~:td$~^PobM#b2zސ}<p"Y RW7˽}D['鍀I +62sXaB p5Z>C}AZ݋V׺颇U y|P_[KuIttZEX;Sc}Fs6$EuE)d wKy–s\vcкlŧtS!嘭#!+^bΑ&,'Qo~*5ב 8 h0.pgj9V%R&P9 dU {/7.nrj&[ք aNJz>pbZ!Ř!b`3^r {fĄ9Av8φRǠQDi_31Faŷn(l;b21x8ϓ/ {g~HO,%@3 "PV: ![C"(S[]ă02]wQPO: 0Ln 03Y:oN+r @:ςs!aZ;o?gg:^XSrZOmj6^V CptYmn¸~(hOuItZFhR `NjP!(%o֗4S(d#֗ N['P~ sA?/?o\}Qkg3r;ƇnFg(_dٮq1>e2 >2@ \_^f%e^e ?eCyFߠoP~Q{1W ?Wsw1~'? /q _gs?]fe_P>f'(U}Sn66oیon3/9IR< 9k^픊8kgK " SV9,2kP g  ~-2:B @n~ Ks\WKM0TntEճKD쵆cn%:@b}a/! c|U$X2M*=!#(48%Y}MNJ 4tk 7b[y@YAI{R}tEI>t𞫫i@Lw<_[nNJ>s\ȜHdZ#+mȾ`T7'%Y#/ܻ Gz‰nQ!/L2f~<ĎnOAr~n}7}Fn_x` ~iMnڧ.\Dpqk;ُϋGkwՕƊ ~3O߆zH'<+?}4(bi3Q*5ýEYRW80׀z[_o?JnAm7g4`n{&d󠮲IP4Us !Qa໯0dH= 礏S0vڢ{衜~54]M4pὍ97F; P7maI䦳T.jZQo\)Uʹ俒$2 z@0+l@MjJUNmJTL3BAzG l]{ۦJ̾ZCO3CX)x}̺lk %/zchd1Ak+cP<틒ՍP a"q0q?K+_{l xG㿄&w`W׽~rh`=E('=|\k,##1苌Y MЦ = B8̈́p˱sPF}v0_ r:'쭰F |m)Ӿf,ӣ6]-Ont ;{QG4 hU%a)jq =A}F垓$gg_5b Fy&b3@p+,D*9"[o %P @EikA/?iwH3軉fKN&%}YQ v.yhFʪv\r#tfR'\\w|7(6؋|%O' ÛwʷQ$L{sL>zQ[`k욧p ?dtE#b[p!@>pM'2QTD Q)Ybd휙/-rxgsͭ@EqDgPy 6s6N`^|ۺ+AѮYmwl`[x%k^F:HM`WH؂{XiWe1RpCV)tOeBNt3C+W5`/=H^3(n)ZF1tVB\ (at!L/Qa˟]lׁP#nȥ+`jk7E]EtA{zwn}C\:1V`7Y=קg[8KIJ y2 !δZxyU~ҥ^.I,g`cQd+8*)ؐrk`4bOP1,sQv7=M`N*)Asa#El ;Ap^7׮msS<"Y4.'tL xje .^sƠ{e75wSfgO1G= `5>gvC%=\s&&tصa=]x 0gWP X-f1%Dv88)ҡCCĞBʄ>eS17@n0\|H d[\O^مt3\j9/YH~> r*r*]xD4;NbŠ bR<'\B/1,#{ŠN|]t1^ʳUO:k^/>Jz`gnVXvQJeY/ ~c Wha<y&gkjuU+kD;ydMn+:cSEᘸe=)jaKm9n~;1{l~r[)Us̥D/4^JB\qrh6