Kaspersky Lab announces that almost 32 million vulnerable applications and files were detected on users’ computers in Q3 of 2010. The ten most widespread vulnerabilities even included some for which vendors had distributed patches in the period 2007-2009.

Cybercriminals often use flaws in program code to gain access to data and resources on targeted computers. Malicious programs that are designed especially to take advantage of these vulnerabilities are called exploits and are increasingly widespread. They regularly dominate the Monthly Malware Statistics ratings compiled by Kaspersky Lab’s experts. The notorious Stuxnet worm, which exploits not one but four zero-day vulnerabilities in Windows, is yet another example of just how popular these programs are with cybercriminals.

“Previously, cybercriminals mainly targeted vulnerabilities in the MS Windows family of operating systems. However, over the last few years they have shifted their focus to include Adobe products such as Flash Player and Adobe Reader,” commented Vyacheslav Zakorzhevsky, Senior Virus Analyst at Kaspersky Lab and author of the article ‘Cybercrime Raiders’ devoted to the problem of exploits. “As a result, a new product called Adobe Updater was released to perform a function similar to that of Windows Update: the automatic download and installation of patches for programs installed on users’ computers. At present, Sun, whose Java engine also has vulnerabilities targeted by exploits, is also trying to resolve its update situation.”

Unfortunately, many users do not regularly update the software on their computers. This explains why exploits for patched vulnerabilities are still amongst the most widespread malicious programs detected on users’ computers.

In his article, Vyacheslav Zakorzhevsky strongly recommends users to do the following to avoid infections via vulnerable software: regularly check for software updates, install them as soon as they are released, manually if necessary, and do not click on unknown links or open emails that appear in your inbox if you do not know and trust the sender. In other words, follow the basic rules of computer security. Using browsers such as Google Chrome, Mozilla Firefox and Internet Explorer that come with inbuilt filters that block phishing and other malicious websites will also help reduce the risk of being infected.

The full version of the article ‘Cybercrime Raiders’ is available at www.securelist.com/en.

Related Posts

No related posts.

During the recent press tour which was part of Kaspersky Lab’s Security Analyst Summit, Denis Maslennikov, Mobile Research Group Manager, gave a presentation titled ‘Mobile malware and the Internet: a myth or reality?’ In the presentation, Denis talked about the latest mobile malware trends, focusing on how the Internet is being used to spread malware, infect users’ phones and as a means for the cybercriminals to issue commands to their botnets.

The first piece of mobile malware to make use of the Internet was written by a Ukrainian hacker back in 2004. Cybercriminals then lost interest in these types of programs until quite recently, when from June 2009 to June 2010, 35% of all detected smartphone malware operated via the Internet.

There’s a perfectly logical explanation for this – smartphones are becoming increasingly popular. In 2009, the share of the worldwide mobile phone market accounted for by the sale of smartphones stood at 14.2%, and according to Gartner, a respected technology research company, it is expected that this growth will continue up to 18.6%*. Significant reductions in the cost of the mobile Internet has made it more accessible to the wider public and lots of mobile devices are now connected to the Worldwide Web. In practice, this means cybercriminals have yet more resources to exploit.

New mobile malware boasts a broad range of functionality, such as the capability to download other malicious files, detect Internet connections or establish new ones, undertake URL redirection and carry out phishing attacks. Research by Kaspersky Lab has shown that botnets built using infected mobile devices will become more like standard botnets, i.e. they can send spam, steal passwords en masse, carry out DDoS attacks on mobiles, etc.

According to Denis Maslennikov, malware for mobiles will become increasingly complex and operating system specific, while computer users will become ever more reliant on their mobile devices as they gradually usurp the place of desktops.

The full version of the presentation can be found at: http://www.kaspersky.com/press-tour-june-2010.

*Forecast: Mobile Devices, Worldwide, 2003-2014, 1Q10 Update, Carolina Milanesi, 23 March 2010

Related Posts

No related posts.

As part of Kaspersky Lab’s recent Security Analyst Summit, its Mobile Research Group Manager, Denis Maslennikov, gave a presentation titled ‘Mobile malware and the Internet: a myth or reality?’ In the presentation, Denis talked about the latest mobile malware trends, focusing on how the Internet is being used to spread malware, infect users’ phones and as a means for the cybercriminals to issue commands to their botnets.

The first piece of mobile malware to make use of the Internet was written by a Ukrainian hacker back in 2004. Cybercriminals then lost interest in these types of programs until quite recently, when from June 2009 to June 2010, 35% of all detected smartphone malware operated via the Internet.

There’s a perfectly logical explanation for this – smartphones are becoming increasingly popular. In 2009, the share of the worldwide mobile phone market accounted for by the sale of smartphones stood at 14.2%, and according to Gartner, a respected technology research company, it is expected that this growth will continue up to 18.6%(1). Significant reductions in the cost of the mobile Internet has made it more accessible to the wider public and lots of mobile devices are now connected to the Worldwide Web. In practice, this means cybercriminals have yet more resources to exploit.

New mobile malware boasts a broad range of functionality, such as the capability to download other malicious files, detect Internet connections or establish new ones, undertake URL redirection and carry out phishing attacks. Research by Kaspersky Lab has shown that botnets built using infected mobile devices will become more like standard botnets, i.e. they can send spam, steal passwords en masse, carry out DDoS attacks on mobiles, etc.

According to Denis Maslennikov, malware for mobiles will become increasingly complex and operating system specific, while computer users will become ever more reliant on their mobile devices as they gradually usurp the place of desktops.

The full version of the presentation can be found at http://www.kaspersky.com/press-tour-june-2010.

(1) Forecast: Mobile Devices, Worldwide, 2003-2014, 1Q10 Update, Carolina Milanesi, 23 March 2010

Related Posts

No related posts.

During the recent press tour which was part of Kaspersky Lab’s Security Analyst Summit, Denis Maslennikov, Mobile Research Group Manager, gave a presentation titled ‘Mobile malware and the Internet: a myth or reality?’ In the presentation, Denis talked about the latest mobile malware trends, focusing on how the Internet is being used to spread malware, infect users’ phones and as a means for the cybercriminals to issue commands to their botnets.

The first piece of mobile malware to make use of the Internet was written by a Ukrainian hacker back in 2004. Cybercriminals then lost interest in these types of programs until quite recently, when from June 2009 to June 2010, 35% of all detected smartphone malware operated via the Internet.

There’s a perfectly logical explanation for this – smartphones are becoming increasingly popular. In 2009, the share of the worldwide mobile phone market accounted for by the sale of smartphones stood at 14.2%, and according to Gartner, a respected technology research company, it is expected that this growth will continue up to 18.6%*. Significant reductions in the cost of the mobile Internet has made it more accessible to the wider public and lots of mobile devices are now connected to the Worldwide Web. In practice, this means cybercriminals have yet more resources to exploit.

New mobile malware boasts a broad range of functionality, such as the capability to download other malicious files, detect Internet connections or establish new ones, undertake URL redirection and carry out phishing attacks. Research by Kaspersky Lab has shown that botnets built using infected mobile devices will become more like standard botnets, i.e. they can send spam, steal passwords en masse, carry out DDoS attacks on mobiles, etc.

According to Denis Maslennikov, malware for mobiles will become increasingly complex and operating system specific, while computer users will become ever more reliant on their mobile devices as they gradually usurp the place of desktops.

The full version of the presentation can be found at: http://www.kaspersky.com/press-tour-june-2010.

*Forecast: Mobile Devices, Worldwide, 2003-2014, 1Q10 Update, Carolina Milanesi, 23 March 2010

Related Posts

No related posts.

The story is simple: Google Chrome users receive an unsolicited e-mail which announces that a new extension of their favorite browser has been developed to facilitate their access to documents from e-mails.

An apparently unsuspicious link is provided, and the recipients are advised to follow it in order to download the new extension. Once they click the link, they are redirected to a look-alike of the Google Chrome Extensions page, which, instead of the promised extension, provides them with a fake application that infects their systems with malware.

Although the sham application has the same description as that of an original Google Chrome Extension, the first sign the more inquisitive users will get about it not being what they were looking for should be the fact that instead of the expected “.crx” extension, it features a flamboyant “.exe” tail.

Identified by BitDefender as Trojan.Agent.20577 the application modifies the Windows HOSTS file in an attempt to block access to Google and Yahoo webpages. Every time users want to access them and write “google.[xxx]” or “[xx].search.yahoo.com” in the web browser, they will be redirected to another IP: 89.149.xxx.xxx . This allows the malware creators to intercept the victims’ calls to reach the respective sites. In this way, the credulous users will be redirected to the cybercriminals’ own malware-laden versions of those sites.

About BitDefender®
BitDefender is the creator of one of the industry’s fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe – giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s security solutions press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.

Related Posts

No related posts.

“Even the savviest of computer users fall victim to online threats because cybercriminals have become so sophisticated,” said Jeff Green, senior vice president of McAfee Labs. “The Consumer Threat Alerts are a warning sound to keep consumers from falling victim to online dangers. We’re on the front lines watching and protecting against threats, and we pass that knowledge onto consumers.”

Fake Antivirus Scams Cost Consumers Millions of Dollars Each Year

Scareware is one of the most prevalent, dangerous and sophisticated online scams, victimizing an estimated one million people around the world every day. McAfee Labs reports that cybercriminals make profits upwards of $300 million worldwide from scamming consumers with scareware.

Fake antivirus software pops onto a users’ screen and alerts the user that his or her computer may be vulnerable. To disguise the scam, cybercriminals create legitimate looking logos of fake security companies.

The pop-up prompts the user to scan the computer for vulnerabilities, which he or she does not realize is fake, or even purchase “security software” which is actually malware in disguise. Cybercriminals get unsuspecting victims to input their credit card information, granting criminals’ access to the user’s computer and bank details. Criminals have targeted every region of the world with fake antivirus software.

“It’s an incredibly lucrative business for cybercriminals,” said Francois Paget from McAfee Labs, a security research expert who has studied fake antivirus companies around the globe. “In fact, one company known as ‘Innovative Marketing’ made an estimated $180 million through these scams in one year, and more than four million consumers purchased their fake security software thinking it was real.”

McAfee reports a 660% rise in scareware over the past two years, and a 400% increase in reported incidents in the last 12 months.

“It strikes fear – I saw a pop-up telling me that I had viruses on my computer and all I could think about was everything I had to lose,” said Stevie Wilson, a victim of scareware who lives in Los Angeles and shares her story in this video. “It looked just like a legitimate security program, so I handed over my credit card information to make sure I was protected. But, countless dollars and lost time later, I realized that I’d handed my credit card directly to criminals.”

New “Consumer Threat Alerts” Warn Consumers about Most Dangerous Threats

The McAfee Consumer Threat Alerts program helps consumers stay ahead of evolving and sophisticated threats. Subscribers can expect to receive periodic e-mail alerts about how to recognize the latest online dangers and tips on how to stay safe. The threat information is presented in easy to understand language with examples, and includes tips on how to avoid threats as well as information for users who suspect they might have become a victim.

In addition to the e-mail notification, all updates will be posted on the Consumer Threat Alerts blog (www.mcafee.com/consumer-threats-blog) and consumers can also follow McAfee on Twitter (http://twitter.com/McAfee) or visit the Facebook page (www.facebook.com/mcafee) for updates, videos and tips.

“We’re giving consumers the ‘street smarts’ they need to live their online lives safely,” said Green. “With education and the right technology, we can all play a part in the fight against cybercrime.”

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is committed to relentlessly tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com

McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc., or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied © 2008 McAfee, Inc. All rights reserved.

Photos/Multimedia Gallery Available: http://www.businesswire.com/cgi-bin/mmg.cgi?eid=6207266&lang=en

Related Posts

No related posts.

Tettnang, 02 February 2010 – IT Security Specialist Avira has issued a warning against phishing emails currently circulating that aim to access the login data for Skype accounts. However, the threat is not currently recognized by the filters of current web browsers. Users of Avira AntiVir Premium and Suite are protected by MailGuard and WebGuard.

The phishing mails sent contain a link to a remarkably convincing looking fake Skype login site. The correct address, www.skype.com, actually appears in the address line, but only as a sub-domain of an entirely different network, for example www.skype.com.attacker-domain.cc/. This URL takes the user to the cybercriminals’ phishing site.

Users who enter their Skype login data on this website will then be diverted to the genuine download site to avoid arousing suspicion. However, the attempted login by the user reveals his access data to the attackers. The threat is mainly to the user’s credit on his Skype account, which can be deducted. In addition, the cybercriminals can also send other phishing links or Spam to the contacts of the specific user.

At present, the integrated phishing filters of the most commonly used web browsers, such as Internet Explorer, Opera, Google Chrome or Firefox, do not yet recognize the risky site and therefore do not issue an appropriate warning.

Anyone receiving a phishing email of this kind should avoid clicking on the links it contains at all costs. The email should also be deleted from your mailbox immediately. Thanks to Avira MailGuard and Avira WebGuard features, users of the Avira AntiVir Premium Security Solution or Avira Premium Security Suite are protected against these phishing attempts. MailGuard detects and marks these emails as attempts at phishing and WebGuard blocks access to the phishing sites.

Users of the free basic protection solution Avira AntiVir Personal – Free Antivirus should exercise particular caution so as not to fall victim to phishing. To get comprehensive protection against such threats, Avira recommends upgrading to Avira AntiVir Premium or Avira Premium Security Suite.

About Avira
Avira GmbH is a leading global provider of IT security solutions for professional and private use. With over twenty years of experience, the company is one of the pioneers in this field. As a foundation member of the initiative “IT Security made in Germany” (ITSMIG e.V.), Avira guarantees that it provides IT security products with no backdoors.

The German IT security expert is headquartered in Tettnang near Lake Constance and maintains several subsidiaries worldwide. Avira employs approximately 335 staff and makes a significant contribution towards the security of millions of private users through its free virus protection, Avira AntiVir Personal.

Domestic and international customers include well-known companies listed on global stock exchanges, educational establishments and government authorities. In addition to protecting the virtual environment, Avira promotes the Auerbach Foundation for greater protection and security in the real world. The Auerbach Foundation supports charitable and social projects, as well as art, culture and science.

Related Posts

No related posts.