New Year Starts With Surge In Malware

[ritchie58]

The first three months of the year have so far witnessed a rise in malware and some notable cyberattacks, according to a report released today by Panda Security.

 

Trojans made up the biggest slice of malware.

 

(Credit: Panda Security) Tracking a big jump in malware (PDF), Panda Security has uncovered on average around 73,000 new types of threats being released every day. That's a 26 percent increase during this year's first quarter compared with the same period in 2010.

 

Among the various flavors of malware, Trojan horses have accounted for around 70 percent of all threats so far this year. That points to Trojans as a tool favored by cybercriminals who use them to grab bank account information and other personal data directly from their victims.

 

As one example, the people behind the Zeus banking Trojan have been launching another round of attacks designed to sneak past the authentication used by many banks for mobile customers. After infecting a computer, the Trojan displays a phony message claiming to be from the PC owner's bank. That message asks for the person's cell phone number and model to install a "security certificate." But once installed, the so-called certification actually intercepts any messages received on the phone, including those from the actual bank.

 

Zeus kept busy in other ways with variants of the Trojan reaching online payment services, such as Webmoney and MoneyBookers. Even the government of the United Kingdom wasn't immune, as it acknowledged in February that it had been targeted by Zeus as part of an attempt to steal personal information.

 

Beyond the growth in malware, the first quarter of the year also was marked by a few notable security incidents, Panda reported.

 

Google's Android Market showed its vulnerabilities last month following an attack that launched a number of fake, malicious apps. These apps installed Trojans that were capable of stealing personal information and installing other apps. In response, Google was forced to use a kill switch to remove the malicious apps from its marketplace and from mobile devices.

 

Facebook also found itself on the receiving end of a hacking attack. In January, the fan page of company CEO Mark Zuckerberg was hacked with a message that opened with the phrase: "Let the hacking begin." The company attributed the vulnerability to a bug on its end.

 

(Credit: Sophos) Finally, the "hacktivist" group Anonymous, which has attacked a variety of companies, went after one target with a vengeance. After claiming to have knowledge of the people behind Anonymous, HBGary Federal CEO Aaron Barr found his company's Web page and his Twitter account hacked and his own e-mail records exposed to the public. The incident eventually forced Barr to resign from his position.