In the second quarter of 2014, Kaspersky Lab has published a report on a bank fraud scam that led to theft € 500.000 from 190 victims in just one weekteam. Κατά την ίδια περίοδο ξεχώρισε και η εμφάνιση του πρώτου mobile κρυπτογραφητή που βρέθηκε να κυκλοφορεί στο Διαδικτύο, ο οποίος πωλείται $5.000 στη μαύρη αγορά και έχει ήδη «μολύνει» 2.000 συσκευές σε 13 χώρες, σε διάστημα μικρότερο τους ενός μήνα. Στο ίδιο διάστημα, παρουσιάστηκαν επίσης μονάδες malicioussoftware based on iOS and other mobile platforms for a "legal" monitoring tool, as well as the reactivation of the campaign MiniDuke, which had appeared in early 2013. This threat turns against governmental organizations, energy, defense, transport and telecommunications organizations, even against traffickers of illegal steroids and hormones.
"The first six months of the year showed that, like was foreseen, encryption of smartphone data has evolved. Criminals make money by using methods that have proven effective for PC users. The growing interest in large sums of money among those who carry out such attacks is obvious. This fact is also reflected in the sharp rise (14,5 times) in the number of bankers Trojans over a one-year period. In addition to attacks targeting economic benefits, the tracking technology race is showing no signs of relaxation. HackingTeam's mobile units have shown that a portable device can be used to gain full control over the entire environment inside and around the devices of a victim, "commented Alexander Gostev, ChiefSecurityExpert, GlobalResearchandAnalysisTeam Kaspersky Lab.
Attacks on the Internet
- 354,5 millions of attacks started from online sources, a number more than 1,3 million compared to 1ο Semester.
Mobile threats
- At the end of the first quarter of 2014, Kaspersky Lab's collection of mobile malicious software was almost 300.000 samples. In the second quarter, the collection increased against 65.000 new malware.
The developers mobile malware are no longer just focused on the Android platform. Digital criminals have also managed to exploit features of the iOS operating system. Features, unleashing Apple ID attack, criminals can completely block a device and demand payment to unlock it. This news revealed the activities of Hacking Team, an Italian company that sells "legal" software called Remote Control System (RCS). Kaspersky Lab has published its results latest research της σχετικά με αυτό το λογισμικό. Η έρευνα έδειξε ότι υπάρχουν αρκετές μονάδες mobilemalware για συσκευές με λειτουργικά Android, iOS, Windows Mobile και BlackBerry, οι οποίες έχουν προέλθει από τη HackingTeam. Η malware μονάδα για συστήματα iOS επιτρέπει σε έναν εισβολέα να αποκτήσει πρόσβαση στα data μιας συσκευής, να ενεργοποιήσει κρυφά το μικρόφωνο και να τραβά φωτογραφίες. Έτσι, μπορεί να προσφέρει πλήρη έλεγχο σε όλο το περιβάλλον μέσα και γύρω από τη συσκευή του θύματος.
In addition, in May, Kaspersky Lab discovered the first mobile encryptor which is open on the Internet. Under the name Pletor, this program locks the phone for "viewing prohibited pornographic content", encrypts the smartphone's memory card and requires - via a message on screen - a ransom from its owner.
Also, in the quarter, the evolution of the ransomware programs has been observed, with this technology showing active growth. In early June, Kaspersky Lab detected a new modified version of Svpeng, a malicious program targeting mainly US users. This Trojan locks the phones and requires $ 200 to unlock them.
Online banking threats
- In the second quarter of 2014, 927.568 computers were attacked with banking malware. It is worth noting that May saw a 36,6% increase in these attacks compared to April.
- During the same period, 2.033 mobile banking Trojans were identified. Since the beginning of 2014, their number has quadrupled. In the last year (since July 2013), the number of these programs has increased 14,5 times.
- Nine out of ten of the most popular malware 'families' work by placing a random HTML code on the web page that appears in the browser and intercepting the payment data entered by the user on the authentic page or on quoted online forms.
Malicious objects
- 60 has detected millions of unique malicious objects (scripts, web pages, exploits, executable files, etc.). This number is twice as high as the first quarter of 2014.
- In mid-April, KasperskyLab introduced one analysis for two new exploits in ShockwaveFlash (SWF), which later confirmed Adobe as a new zero-day vulnerability.
- 145,3 million unique URLs were identified as malicious by webantivirus solutions - 63,5 million more than in the previous quarter.
The full report is available at securelist.com. For more information, you can also visit it Digital real-time threat map of Kaspersky Lab.
