Antivirus Protection & Internet Security Software
17 Apr 2014Virus News
In December Kaspersky Lab published its threat forecast for 2014. Three months later, the experts found that all three of their ‘End user forecasts’ had already been confirmed.
They said that cybercriminals would target...
- your privacy, leading to greater popularity for VPN services and Tor-anonymizers. The number of people turning to the Darknet in an attempt to safeguard their personal data is indeed increasing. But as well as benevolent users Tor continues to attract dark forces – anonymous networks can conceal malware activity, trading on illegal sites, and money laundering. For example, in February Kaspersky experts detected the first Android Trojan that uses a domain in the .onion pseudo zone as a C&C.
- your money. The experts expected cybercriminals to continue developing tools to steal cash. This was confirmed by the detection of Trojan-SMS.AndroidOS.Waller.a in March. It is capable of stealing money from QIWI electronic wallets belonging to the owners of infected smartphones. The Trojan currently only targets Russian users, but it is capable of spreading anywhere where e-wallets are managed using text messages. Cybercriminals also made use of some standard approaches such as spreading Trojans for mobiles that steal money with the help of malicious spam. And here the global reach is much greater – the Faketoken mobile banking Trojan, for example, has affected users in 55 countries, including users in Germany, Sweden, France, Italy, the UK and the US.
- your Bitcoins. The experts expected considerable growth in the number of attacks targeting Bitcoin users’ wallets, Bitcoin pools and stock exchanges. In the first three months of the year there were lots of incidents that proved this prediction was correct. Among the more newsworthy were the hack of MtGox, one of the biggest bitcoin exchanges, the hacking of the personal blog and Reddit account of MtGox CEO Mark Karpeles and using them to post the MtGox2014Leak.zip which actually turned out to be malware capable of searching for and stealing Bitcoin wallet files from victims.
In a bid to boost their illicit earnings, cybercriminals infect computers and use their resources to generate more digital currency. Trojan.Win32.Agent.aduro, the twelfth most frequently detected malicious object on the Internet in Q1, is an example of a Trojan used in this type of process.
The first quarter also saw a major cyber-espionage incident: in February Kaspersky Lab published a report on one of the most advanced threats at the current time named The Mask. The main target was confidential information belonging to state agencies, embassies, energy companies, research institutes, private investment companies, as well as activists from 31 countries. According to the researchers, the complexity of the toolset used by the attackers and several other factors suggest this could be a state-sponsored campaign.
“As well as new incidents, we saw the continuation of campaigns that had seemingly already ended. For instance, after cybercriminals had shut down all the known command servers involved in the Icefog operation, we detected a Java version of the threat. The previous attack had primarily targeted organizations in South Korea and Japan, but the new version, judging by the IP addresses tracked, was only interested in US organizations,” commented Alexander Gostev, Chief Security Expert, Global Research and Analysis Team.
The full report is available at securelist.com
Cyberthreat real-time map
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software