Monthly Archives: December 2012

Android devices in U.S. face more malware attacks than PCs

Almost 10 percent of Android devices have experienced a malware attack over a three-month period, compared to about 6 percent of PCs

By John P. Mello Jr.

Android devices are now attacked more often by malware than PCs, according to a report released today by Sophos, a cyber security software maker. It said that almost 10 percent of Android devices in the U.S. have experienced a malware attack over a three-month period in 2012, compared to about 6 percent of PCs.

With 52.2 percent of the smartphone market in the United States,  Android has become a tempting target. “Targets this  large are difficult for malware authors to resist,” the report said.  “And they arent resisting attacks against Android are increasing rapidly.”

Sophos noted that the most common malware attack on Android involves installing a fake app on a handset and secretly sending expensive messages to premium-rate SMS services.

Cyber criminals have also found ways to subvert two-factor authentication used by financial institutions to protect mobile transactions, according to the report. They do that by planting eavesdropping malware on a handset to obtain the authentication code sent to a phone by a bank to complete a transaction.

During 2012, the report said, hackers showed ambition by attacking more platforms, social networks, cloud services, and mobile devices and nimbleness by rapidly responding to security research findings and leveraging zero-day exploits more effectively.

In addition, hackers attacked thousands of badly configured websites and databases, using them to expose passwords and deliver malware to unsuspecting Internet users, the report noted. More than 80 percent of all “drive-by” attacks on unsuspecting Web surfers occur at legitimate websites, according to the report. It explained that attackers hack into legitimate websites and plant code that generates links to a server distributing malware. When visitors arrive at the legitimate site, their browser will automatically pull down the malicious software along with the legitimate code from the website.

The Sophos report also identified the five riskiest and safest countries in the world for experiencing malware attacks. Hong Kong was the riskiest country, with 23.54 percent of its PCs experiencing a malware attack over a three-month period in 2012. It was followed by Taiwan (21.26 percent), the United Arab Emirates (20.78 percent), Mexico (19.81 percent), and India (17.44 percent).

Norway (1.81 percent) was the safest country against malware attacks, followed by Sweden (2.59 percent), Japan (2.63 percent), the United Kingdom (3.51 percent), and Switzerland (3.81 percent).

“The PC remains the biggest target for malicious code today, yet criminals have created effective fake antivirus attacks for the Mac,” the report said. “Malware creators are also targeting mobile devices as we experience a whole new set of operating systems with different security models and attack vectors,” it added.

Retrieved from InfoWorld

Cyber-Criminals Ramp Up Intimidation in Ransomware Scams

Cyber-criminals are dropping the name of the Internet Crime Complaint Center in their ransomeware scams to intimidate victims into paying up by making them fear they’ll get ensnared in a federal investigation.

The gang using the Citadel malware platform to deliver ransomware is now using the name of the Internet Crime Complaint Center in a scheme to intimidate victims into paying.

The Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center. In an advisory, officials warned that the attack infects users with a strain of ransomware known as Reveton—serving as another example of the rising incidence of ransomware in the past year.

In a recent paper, researchers at Symantec analyzed a command and control (C&C) server for a single ransomware family and calculated that the gang behind it earned approximately $394,000 from their scheme in a single month.

“Ransomware threats are getting all too common,” said Kevin Haley, director of Symantec Security Response. “In fact, we recently predicted that 2013 will see ransomware such as this become the next big online scam, overtaking fake AV. We also noted that from here on out, we’re going to see these threats get much more professional looking and sophisticated as cyber criminals refine the scam and up the fear factor. We believe the uptick in the number of these threats and number of gangs investing in this area is quite simple: it’s profitable.”

According to IC3, the Reveton attack begins with a drive-by download that results in the ransomware being installed on the victim’s computer.

“Once installed, the computer freezes and a screen is displayed warning the user they have violated United States Federal Law,” the advisory notes. “The message further declares that a law enforcement agency has determined that a computer using the victim’s IP address has accessed child pornography and other illegal content.”

The warning about the illegal content appears as a message from IC3. To get back full access to their computer, the victim is ordered to pay a fine using prepaid money card services; which service is determined by the geo-location of the user’s PC.

In addition to Reveton, the Citadel malware continues to operate on the compromised machine and can be used to launch online banking and credit card fraud. Citadel was born from the infamous ZeuS toolkit, which had its source code leaked onto the Internet in 2011. Since then, it has grown to be one of the more sophisticated financial malware platforms on the Web today.

“With over 16 gangs currently involved in spreading ransomware we’re seeing multiple methods being used to infect users,” Haley said. “It appears the particular gang related to the Internet Crime Complaint Center is using Citadel to spread the Reveton—also known as Ransomlock.G—ransomware. This threat has been around since May of 2011. However, we recently observed that its spread has accelerated and become increasingly international.”

It’s particularly effective because the attackers behind it are quick to implement the latest exploit kits and social engineering tricks, he added.

“Cyber-crime scams, like traditional crime, typically have a shelf life,” he said. “In other words, a scam is only effective until enough people become aware of it that it is no longer a viable means of making money. Fake AV was a viable money-maker for cyber-criminals for quite some time, but it is starting to fade. It looks like ransomware might be the next big thing.”

Retrieved from eWeek

Browser battle: Chrome vs. Firefox vs. IE vs. Opera

After a long, quiet period of Microsoft dominance, the PC browser market has been broken wide-open again in recent years, with Firefox and Chrome challenging Internet   Explorer, and Opera sniffing at the margins.

Earlier this year, in fact, Chrome overtook Internet Explorer in one major measurement of browser market share, in what was   hailed as a watershed moment for the new browser wars.

However, for a number of reasons, it’s difficult to say who’s on top in this four-way scrap. For one thing, different methods   of measuring market share often provide very different numbers – while data from NetMarketshare.com shows IE in front with   54% of the market for October 2012, StatCounter gives a slight edge to Chrome, about 35% to 32%. W3Schools’ information paints   another picture again, showing a big lead for Chrome (44%) over about 32% for Firefox and just 16% for IE.

The difference is understandable – all of the sites measure different data. W3Schools simply measures its own traffic, and,   as a web development education site, it is likely to be visited by people with more of an interest in non-IE browsers. (The   site has an Alexa ranking of 220, however, giving it a large sample size.) StatCounter tracks visitors to a network of 3 million   associated sites, while NetMarketShare counts unique visitors to a smaller network of 40,000 sites. It’s easy to see why the   numbers can look so different.

But it certainly makes it tricky to say unequivocally that one browser is the one to beat, and that’s part of the reason why   the browser question is the subject of such a big argument in the tech world (and this doesn’t even include mobile browsers,   a relatively small market for now).

CHROME

Either the most-used or second-most-used browser in the world, depending on whom you ask, Chrome has rocketed to prominence   since its introduction in 2008. A browser made by the Internet’s most powerful company could hardly fail to gain some traction,   but the speed with which it has achieved seeming parity with Internet Explorer surprised many – not least those behind Mozilla   Firefox, which had labored mightily to reach a respectable second place behind IE.

Chrome’s focus on performance and simplicity has paid off well – through its many versions, which are deployed quickly and   silently through an automatic update process, the emphasis has been on a smooth, streamlined experience.

Criticism of the browser generally centers on privacy issues. Soon after it was launched, there was an outcry over the Suggest   feature, which transmitted keystrokes back to Google HQ. Google’s business model, which depends on the use of personal data for accurate ad targeting, hasn’t won it many favors   among privacy advocates.

INTERNET EXPLORER

The long-time unchallenged leader of the pack, IE is no longer quite as dominant as it was a decade ago, when few used any   other browser. However, time and anti-trust litigation notwithstanding, Microsoft’s browser still commands a huge user base.

Competition, in a very real way, has been a positive thing for IE, forcing Microsoft to modernize and innovate far more rapidly   than it did during its unchallenged period. The past few versions – most notably IE 8, 9 and now 10 – have all boasted substantial   performance increases and added support for new standards like HTML5, designed to bring it more into line with Chrome and   Firefox.

Still, particularly among highly technical types, a powerful dislike of IE runs deep. Saying “IE 6” to a web developer is   practically guaranteed to provoke gritted teeth and shudders of frustration (at least!), thanks to a widespread perception   that Microsoft’s lack of innovation held back the development of new web standards for years.

Microsoft has worked to overcome that antipathy with recent versions of the browser, but is it enough to recover an unchallenged   lead in the market?

FIREFOX

Since 2004, Firefox has been stuck as a perpetual second-fiddle – first to IE, then to Chrome. It’s perhaps a little unfortunate   that the browser that first began to erode Microsoft’s iron grip over the marketplace has never enjoyed its own period of   dominance, but Firefox nonetheless has a huge number of users, and is said to be the most common browser in many parts of   the world, particularly Europe and Africa.

Firefox was the first to introduce tabbed browsing, also known as “the reason why you don’t have about 46 different windows   open on your desktop right now,” and pioneered an ecosystem of plug-ins, allowing users to modify the browser in many ways.   An open-source project – curated and managed by the Mozilla Foundation – Firefox is dedicated to open web standards and helped   bring about a climate in which they could thrive.

Unfortunately, however, the past year or so hasn’t been particularly kind to Firefox. It’s now pretty clearly in third place   behind Chrome and IE in terms of market share, and missteps like a me-too move to a rapid development schedule irritated crucial   enterprise users.

While it still has a vital development community and millions of users around the world, Firefox has to make a big move to   catch up with its main rivals – which, importantly, are both backed by enormously wealthy corporate titans.

OPERA

There’s no getting around it – Opera is the iconoclast of the group. It was the underground browser long before the rise of   Firefox, and, well, it’s still the underground browser. That said, it has a devout and influential following among the geekiest   echelons of the tech world.

Despite a number of innovative features like “turbo mode” – which uses Opera’s own servers as a compression proxy to help   users on slow connections – and powerful integrated features like a mail client and BitTorrent support, Opera has struggled   to build much of a user base outside of Eastern Europe. It is the leading browser in just one country – Belarus.

It may be that Opera has simply missed the boat – even though it pioneered features like mouse gestures and a speed-dial home   screen, its more popular rivals have simply adapted too quickly to be caught. Still, Norwegian parent company Opera Software   has created many mobile versions of the browser, which could prove important if smartphone and tablet use continues to increase   dramatically.

Retrieved from Networkworld