2009 in threats: Fake security software, search engines and social networks
The latest State of the Internet 2009 report by CA states that the most notable 2009 online threats were rogue/fake security software, major search engines, social networks and Web 2.0 threats. The report compiles trends from the first half of 2009.
CA researchers tracked the following trends in 2009:
Rogue or fake security software: Software that poses as legitimate Internet security software but is actually malware has experienced a significant surge in popularity. In the first half of 2009, CA added detection for 1,186 new variants of rogue security software, which is a 40% increase compared to the last half of 2008.
Search index poisoning: Google is a frequent target of online threats. Attackers employ sophisticated search engine optimizations to manipulate search engine rankings and poison users’ search results, which direct them to compromised Web sites that can cause malware infections.
Social networks/Web 2.0: Popular online communities, blogs and social media sites, such as YouTube, MySpace, Facebook and Twitter, are highly targeted. Financially motivated organized groups are among the aggressive attackers, creating hundreds of bogus profiles to perform various tasks, including distributing malware, spamming and stealing users’ online identities to perpetrate further cybercrime. Win32/Koobface is an example of a worm propagating through social networking sites. It uses the affected user’s login credentials to send messages to the user’s list of connected friends and family. In 2009, CA ISBU discovered more than 100 components and mutated strains belonging to the Win32/Koobface family.
Identity theft: Attacks targeting online credentials allowed attackers to distribute further cybercriminal activities, such as email address harvesting for Spam bots, sweeping FTP accounts for web infection and attributing to social network worm propagation, like Win32/Koobface. Stealing Trojans accounted for 23% of the most prevalent malware infections in 2009.
Cybersquatting and typosquatting: Malicious Web sites that masquerade as legitimate, reputable sites deceive users into undertaking transactions or activities in which they divulge sensitive data.
Mac OS X threats: Security threats have come to the Mac. In 2009, CA ISBU has added 15 intelligent signatures detecting Mac OS X threats. The most prevalent being OSX/Jahlav.
While spam and phishing scams are still on the rise, the breakdown for how malware was distributed in 2009 was dominated by the Internet at 78 percent, followed by email (via attachments or phishing) at 17 percent, and finally removable media (such as USB drives, digital photo frames, etc.) with 5 percent.