In the second quarter of 2014, Kaspersky Lab has published a report on a bank fraud scam that led to theft € 500.000 by 190 victims in just one week. During the same period the appearance of the first mobile encryptor found to be available on the Internet, sold for $ 5.000 on the black market, and has already "infected" 2.000 devices in 13 countries in less than a month. In the same period, iOS malware and other mobile platforms for a "legal" monitoring tool, as well as the reactivation of the MiniDuke campaign, which appeared at the beginning of 2013. This threat turns against governmental organizations, energy, defense, transport and telecommunications organizations, even against traffickers of illegal steroids and hormones.
"The first six months of the year showed that, like was foreseen, encryption of smartphone data has evolved. Criminals make money by using methods that have proven effective for PC users. The growing interest in large sums of money among those who carry out such attacks is obvious. This fact is also reflected in the sharp rise (14,5 times) in the number of bankers Trojans over a one-year period. In addition to attacks targeting economic benefits, the tracking technology race is showing no signs of relaxation. HackingTeam's mobile units have shown that a portable device can be used to gain full control over the entire environment inside and around the devices of a victim, "commented Alexander Gostev, ChiefSecurityExpert, GlobalResearchandAnalysisTeam Kaspersky Lab.
Attacks on the Internet
- 354,5 millions of attacks started from online sources, a number more than 1,3 million compared to 1ο Semester.
Mobile threats
- At the end of the first quarter of 2014, Kaspersky Lab's collection of mobile malicious software was almost 300.000 samples. In the second quarter, the collection increased against 65.000 new malware.
Mobile malware developers are no longer just focusing on the Android platform. Digital criminals have been able to exploit both iOS functionalities. Characteristically, unleashing Apple ID attack, criminals can completely block a device and demand payment, to unlock it. This news revealed the activities of Hacking Team, an Italian company that sells "legitimate" software called Remote Control System (RCS). Kaspersky Lab published its results latest research της σχετικά με αυτό το λογισμικό. Η έρευνα έδειξε ότι υπάρχουν αρκετές μονάδες mobilemalware για συσκευές με λειτουργικά Android, iOS, Windows Mobile και BlackBerry, οι οποίες έχουν προέλθει από τη HackingTeam. Η malware μονάδα για συστήματα iOS επιτρέπει σε έναν εισβολέα να αποκτήσει πρόσβαση στα δεδομένα μιας συσκευής, να ενεργοποιήσει κρυφά το μικρόφωνο και να τραβά photos. Έτσι, μπορεί να προσφέρει πλήρη έλεγχο σε όλο το περιβάλλον μέσα και γύρω από τη συσκευή του θύματος.
In addition, in May, Kaspersky Lab discovered the first mobile encryptor which circulates openly on the Internet. Called Pletor, this program locks the phone for “projection απαγορευμένου πορνογραφικού περιεχομένου», κρυπτογραφεί την κάρτα μνήμης του smartphone και απαιτεί – μέσω μηνύματος στην οθόνη – ransom από τον ιδιοκτήτη της.
Also, in the quarter, the evolution of the ransomware programs has been observed, with this technology showing active growth. In early June, Kaspersky Lab detected a new modified version of Svpeng, a malicious program targeting mainly US users. This Trojan locks the phones and requires $ 200 to unlock them.
Online banking threats
- In the second quarter of 2014, 927.568 computers were attacked with banking malware. It is worth noting that May saw a 36,6% increase in these attacks compared to April.
- During the same period, 2.033 mobile banking Trojans were identified. Since the beginning of 2014, their number has quadrupled. In the last year (since July 2013), the number of these programs has increased 14,5 times.
- Nine out of ten of the most popular malware 'families' work by placing a random HTML code on the web page that appears in the browser and intercepting the payment data entered by the user on the authentic page or on quoted online forms.
Malicious objects
- 60 has detected millions of unique malicious objects (scripts, web pages, exploits, executable files, etc.). This number is twice as high as the first quarter of 2014.
- In mid-April, KasperskyLab introduced one analysis for two new exploits in ShockwaveFlash (SWF), which later confirmed Adobe as a new zero-day vulnerability.
- 145,3 million unique URLs were identified as malicious by webantivirus solutions - 63,5 million more than in the previous quarter.
The full report is available at securelist.com. For more information, you can also visit it Digital real-time threat map of Kaspersky Lab.
