Cyber criminals outsourcing money-collecting to mobile operators

Cybercrime has come a long way since it was mostly a digital form of vandalism. It has developed into a criminal business operated for financial gain and is now worth billions.

In its Community Powered Threat Report for Q3 2011, AVG focuses on some of the most notable cybercrime developments in the last quarter.

Stealing digital currency
Digital Currency has become very popular in a short time. Facebook Credits, Xbox Points, Zynga coins and Bitcoin now play a vital role in a multibillion dollar global gaming economy. Far from being just of virtual value, many of these currencies are actively traded for real currency. This has not gone unnoticed by cyber criminals, now aiming to steal digital wallets from people’s computers. In June a digital wallet containing close to US $500,000 was stolen when someone broke into the victim’s computer and transferred most, but not all, of the money out of his wallet.

Outsourcing the hard part, collecting the money
In a bid to outsource the hassle and risks of collecting the money, cyber criminals are moving beyond credit cards details and are increasingly using mobile phone operators to do the collecting for them. A criminal might install a Trojan on to a victim’s smartphone that sends premium SMS messages when the owner is asleep. They might use a Facebook scam to get hold of people’s phone numbers and sign them up for an expensive monthly phone charge. A victim’s mobile operator will process the charges and transfer the money to the criminal organization, even if they reside on the other side of the world. If and when a victim notices the charge and the mobile operator is alerted to stop processing payments, considerable amounts may already have been stolen. If the amounts are small enough, many victims may not even notice for months.

Eavesdropping on Android
With Android taking almost 50 percent of the world’s smartphone market share, it is no wonder that cyber criminals consider the platform an attractive target. Most Android malware focuses on making money from premium SMS. However, in July AVG investigated a Trojan that records a victim’s phone conversation and SMS messages and sends them to the attacker’s servers for analysis to identify potential confidential data. This clearly demonstrates the power of modern mobile operating systems but also the tremendous risks unprotected mobile users are open to.

Other key findings in the report:

• Rogue AV Scanner is currently the most active threat on the web
• Exploit Toolkits account for over 30% of all threat activity on malicious websites (“Fragus’ is most popular, closely followed by “Blackhole’)
• Angry Birds Rio Unlocker is the most popular malicious Android application
• The USA is still the largest source of spam, followed by India and Brazil.

“In Q3 we started to see a clear trend in cybercriminals shifting their focus to simplifying money collection,” said Yuval Ben-Itzhak, Chief Technology Officer, AVG Technologies. “Well-organized criminal gangs are now letting mobile phone operators handle the money collecting part by focusing on mobile phones and setting victims up for charges that will appear on their phone bill some time later. Not only is it a lot easier, it also scales to tremendous volumes making money by stealing small amounts from very large groups of victims.”

A recent report authored by the research agency The Future Laboratory reveals that while cybercriminals and malicious programs are becoming increasingly sophisticated and difficult to detect, users are, alarmingly, becoming the weakest link as they are less vigilant about protecting their online devices. The combination of these two factors presents a potentially disastrous cybercrime scenario.

For more details about each of these threats, download the AVG report.