Mobile Devices And Social Networks Key Malware Targets
APRIL 11, 2011
By BEN ROONEY
APRIL 11, 2011
By BEN ROONEY
==================================================
Consumers using Facebook and other social media sites, or using mobile devices, are among the key targets of malware according to the latest Internet Security Threat Report published by anti-virus company Symantec.
The company's 16th report still sees attacks in which specific industries or even individuals, are targeted as one of the main threats, but highlights the developing vulnerabilities that social media and mobile devices open up.
The report identified more than 286 million unique variants of malware, which together were responsible for 3.1 billion attacks on computer users in 2010. The number of attacks delivered via the internet almost doubled, Symantec reported a 93% increase in the volume of Web-based attacks in 2010 over the volume observed in 2009. Shortened URLs appear to be playing a role here too. During a three-month observation period in 2010, 65% of the malicious URLs observed on social networks were shortened URLs.
The report draws attention to the increasing number of attacks against mobile devices, principally Android phones, although it notes that at the moment, the ability to cash in on attacks is more limited as consumers have yet to use their mobiles heavily for online banking and commerce.
According to Orla Cox, Security Operations Manager based in Dublin, it is only a matter of time. "We are at a very early stage in mobile. But the evolution of the threat will be the same as the PC. We are already seeing that."
A demonstration of a fairly rudimentary, and not new, Android trojan showed how easy it is for a phone to be compromised. The geinimi trojan, which was seen mainly in sites in China, allowed hackers to send SMS messages from the phone with no trace to the user, make calls, reveal the exact location of the phone and even—although quite why you would want to—change the phone's wallpaper.
Ms. Cox said that the level of sophistication was only going to increase.
In another demonstration vulnerabilities in Facebook were highlighted. A simple Facebook app, easily built using Facebook's own APIs, allowed hackers to gain access to profile information even from accounts that were supposedly visible only to friends. The information would allow hackers to craft more targeted attacks against individuals, or just to sell on the information to others.
The app also allowed hackers to post links on other's accounts, encouraging them to install the app so propagating itself.
Both the mobile attack and social media attacks relied on users not paying attention to the permissions they were granting, said Ms. Cox. Both Android and Facebook apps explicitly state what permissions they are granted, but many users pay no regard and simply click on regardless.
However while these threats remain potent, it was the targeted attacks that were most likely to cause the biggest compromise of personal data. According to the report data breaches caused by hacking resulted in an average of over 260,000 identities exposed per breach, far more than those from any other form of breach, such as insider threat, accidental loss or poor policies.
While high-profile attacks like Stuxnet, a highly-sophisticated attack against a very specific target, generate a lot of publicity, they remain extremely rare. More commonly, research and reconnaissance are used to mount effective social engineering attacks. Attackers can construct plausible deceptions using publicly available information from company websites, social networks, and other sources. Malicious files or links to malicious websites can then be attached to or embedded in email messages directed at certain employees using information gathered through this research to make the messages seem legitimate. This tactic is commonly called spear phishing.
According to Ms. Cox, such attacks typically targeted specific industries, often passing from one vertical to the next looking. Nor was it necessary for these attacks to use the latest security vulnerabilities. "One of the most potent attacks used vulnerabilities in IE6″, she said.
(source:online.wsj.com)
Consumers using Facebook and other social media sites, or using mobile devices, are among the key targets of malware according to the latest Internet Security Threat Report published by anti-virus company Symantec.
The company's 16th report still sees attacks in which specific industries or even individuals, are targeted as one of the main threats, but highlights the developing vulnerabilities that social media and mobile devices open up.
The report identified more than 286 million unique variants of malware, which together were responsible for 3.1 billion attacks on computer users in 2010. The number of attacks delivered via the internet almost doubled, Symantec reported a 93% increase in the volume of Web-based attacks in 2010 over the volume observed in 2009. Shortened URLs appear to be playing a role here too. During a three-month observation period in 2010, 65% of the malicious URLs observed on social networks were shortened URLs.
The report draws attention to the increasing number of attacks against mobile devices, principally Android phones, although it notes that at the moment, the ability to cash in on attacks is more limited as consumers have yet to use their mobiles heavily for online banking and commerce.
According to Orla Cox, Security Operations Manager based in Dublin, it is only a matter of time. "We are at a very early stage in mobile. But the evolution of the threat will be the same as the PC. We are already seeing that."
A demonstration of a fairly rudimentary, and not new, Android trojan showed how easy it is for a phone to be compromised. The geinimi trojan, which was seen mainly in sites in China, allowed hackers to send SMS messages from the phone with no trace to the user, make calls, reveal the exact location of the phone and even—although quite why you would want to—change the phone's wallpaper.
Ms. Cox said that the level of sophistication was only going to increase.
In another demonstration vulnerabilities in Facebook were highlighted. A simple Facebook app, easily built using Facebook's own APIs, allowed hackers to gain access to profile information even from accounts that were supposedly visible only to friends. The information would allow hackers to craft more targeted attacks against individuals, or just to sell on the information to others.
The app also allowed hackers to post links on other's accounts, encouraging them to install the app so propagating itself.
Both the mobile attack and social media attacks relied on users not paying attention to the permissions they were granting, said Ms. Cox. Both Android and Facebook apps explicitly state what permissions they are granted, but many users pay no regard and simply click on regardless.
However while these threats remain potent, it was the targeted attacks that were most likely to cause the biggest compromise of personal data. According to the report data breaches caused by hacking resulted in an average of over 260,000 identities exposed per breach, far more than those from any other form of breach, such as insider threat, accidental loss or poor policies.
While high-profile attacks like Stuxnet, a highly-sophisticated attack against a very specific target, generate a lot of publicity, they remain extremely rare. More commonly, research and reconnaissance are used to mount effective social engineering attacks. Attackers can construct plausible deceptions using publicly available information from company websites, social networks, and other sources. Malicious files or links to malicious websites can then be attached to or embedded in email messages directed at certain employees using information gathered through this research to make the messages seem legitimate. This tactic is commonly called spear phishing.
According to Ms. Cox, such attacks typically targeted specific industries, often passing from one vertical to the next looking. Nor was it necessary for these attacks to use the latest security vulnerabilities. "One of the most potent attacks used vulnerabilities in IE6″, she said.
(source:online.wsj.com)
==================================================
No comments:
Post a Comment