- Bank mobile Trojans doubled
- Rough increase in attacks on bitcoin purses
- "Resurrection" of digital espionage
Last December, the Kaspersky Lab had published its predictions about the digital threat landscape in 2014. Within just three months, its experts companys found that all three of their predictions about threats against end users had already been confirmed.
Specifically, Kaspesky Lab experts predicted that digital criminals would target:
– User privacy, resulting in the rise in popularity of VPN services and Tor-anonymizers. Today, the number of users turning to the Darknet in their quest to protect their personal data is constantly increasing. However, except από καλοπροαίρετους χρήστες, το Tor εξακολουθεί να γίνεται πόλος έλξης για κακόβουλες δραστηριότητες, καθώς τα ανώνυμα δίκτυα μπορούν να καλύψουν τη δραστηριότητα του malware, τις συναλλαγές σε παράνομες ιστοσελίδες και το ξέπλυμα χρήματος. Για παράδειγμα, τον Φεβρουάριο, η Kaspersky Lab εντόπισε το πρώτο Android Trojan που χρησιμοποιεί ένα domain στην pseudo zone “.onion” ως τοποθεσία Command & Control.
- Users' money, with experts estimating that digital criminals will continue to develop related tools. The prediction was confirmed in March, with the detection of Trojan-SMS.AndroidOS.Waller.a. This Trojan can steal money from QIWI e-wallets, which belong to owners of "infected" smartphones. To date, this Trojan only targets Russian users, but can spread to any place where e-wallets are controlled via text messages. In addition, digital criminals have used established methods, such as spreading Trojans to mobile devices that steal money with the help of malicious spam. In this case, the problem is clearly broader. For example, the mobile banking Trojan "Faketoken" has affected users in 55 countries, including Germany, Sweden, France, Italy, the United Kingdom and the United States. It is noted that the number of mobile banking Trojans almost doubled in the first quarter of 2014, reaching 2.503 from 1.321.
– Bitcoins, with experts expecting a significant increase in the number of attacks targeting Bitcoin wallets, pools and exchanges. Several incidents in the first three months of 2014 proved the prediction correct. The most prominent of these include the bankruptcy of MtGox, one of the largest bitcoin exchanges, following a hacker attack and the attack on the personal blog and Reddit account of Mark Karpeles, CEO of MtGox. In this way, digital criminals managed to publish the MtGox2014Leak.zip file, which turned out to be malware capable of searching and stealing Bitcoin wallets. In an effort to boost their ill-gotten gains, digital criminals attack computers and use theconditions them to produce more digital coins. Trojan.Win32.Agent.aduro, which ranked twelfth on the list of the most frequently detected malicious objects on the Internet in the first quarter of 2014, is one of the Trojans used in such processes.
"Living Dead" Returns: The Resurrection of Digital Espionage Campaigns
In the first quarter of 2014 there was an important case of digital espionage. In February, Kaspersky Lab has published her report on one of the most advanced threats of our day, called "The Mask". Its basic goal was confidential information from state agencies, embassies, energy companies, research institutions, investment firms and activists from 31 countries. According to the researchers, the complexity of the tools used by the invaders and various other factors suggest that this campaign could have public support.
“In addition to the existence of new incidents, we noticed that campaigns that appeared to have been completed continued. For example, after cybercriminals had shut down all known command servers involved in business Icefog, we detected a Java version of the threat. The previous attack primarily targeted organizations in South Korea and Japan, but the new version was only interested in organizations in the US, judging by the detected IP addresses," commented Alexander Gostev, Chief Security Expert at Global Research and Analysis Kaspersky Lab team.
The first quarter in numbers
• At 33,2%, computer users around the world have received at least one online attack over the past three months - an 5,9% lower compared to 2013.
• The 39% of the online attacks that were neutralized occurred via US-Russia online resources. The overall rate for these two countries fell by 5 percentage points compared to the first quarter of 2013. Followed by the Netherlands (10,8%), Germany (10,5%) and the United Kingdom (6,3%),
• Over Android mobile 99% was targeting mobile malware. The total number of mobile malware programs increased 1% in the last quarter.
• At the end of 2013, Kaspersky Lab had collected 189.626 mobile malware samples. Only in the first quarter of 2014, 110.324 was added to new malware at the company's base. At the end of the first quarter, the samples collected by Kaspersky Lab amounted to 299.950.
Kaspersky Lab's complete exposure to threats in the first quarter of 2014 is available at e-mail securelist.com
