[AP] Cutthroat competition among crooks forces new tactics, Symantec reports
Fierce competition among identity thieves has driven the prices for stolen data down to bargain-basement levels, which has forced crooks to adopt mainstream business tactics to lure customers, according to a new report on Internet security threats.
Credit card numbers were selling for as little as 40 cents each and access to a bank account was going for $10 in the second half of 2007, according to the latest twice-yearly Internet Security Threat Report from Symantec Corp., to be released today.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/04/08/BURJ101BUI.DTL
news.smh.com.au/online-crooks-face-tough-competition/20080408-24jw.html
news.theage.com.au/online-crooks-face-tough-competition/20080408-24jw.html
UK bank details ‘for sale for £5’
British bank account details are on sale online for as little as £5 in so-called cyber-crime supermarkets, a report says.
Criminals are also targeting social networking sites, according to a web security firm report into online crime.
Symantec says EU identities sell for more than American ones because they can be used across the EU.
Investigators say criminals are turning from online banking to social networks because their users are less careful.
http://news.bbc.co.uk/2/hi/uk_news/7335844.stm
Social Networking Accounts Prized By Cybercrooks
Cyber criminals increasingly are moving away from trying to break into computers directly, choosing instead to target Internet users where they spend much of their time online — at social networking Web sites, new data suggests.
In an analysis of cyber crime activity in the 2nd half of 2007, security vendor Symantec Corp. found that two social networking sites together were the target of 91 percent of U.S.-based phishing Web sites. Social networking sites also were the leading targets of phishing sites located in four other countries listed by Symantec in its phishing Top 10.
blog.washingtonpost.com/securityfix/2008/04/social_networking_accounts_pri.html
Malware count blows past 1M mark
Symantec Corp.’s malware tally topped 1 million for the first time in the second half of 2007 as the number of new malicious code threats skyrocketed, the company said in its semiannual report on the state of security.
Of the 1.1 million code threats that Symantec has detected since it began writing signatures more than a quarter-century ago, 711,912 were discovered in 2007; 499,811 were picked up in the last six months of the year alone.
computerworld.com/action/article.do?command=viewArticleBasic&articleId=9075518
Online crooks target social networking sites [AAP]
Social networking websites are fast becoming a key target for online fraud, according to a new report. The latest Symantec Internet Security Threat Report for the second half of 2007 reveals there were 87,963 “phishing hosts” for that period, an increase of 167% from the first half of 2007.
http://www.theage.com.au/articles/2008/04/08/1207420373759.html
http://www.smh.com.au/articles/2008/04/08/1207420373759.html
Symantec Report Reveals Malicious Attacks Focused Toward Trusted Web Sites [news release]
New Internet Security Threat Report Reveals Details on Hackers’ Quest for Private Information
The latest Internet Security Threat Report (ISTR), Volume XIII released today by Symantec Corp. (Nasdaq: SYMC) concludes that the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites. The report is derived from data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications and provides a global view of the state of Internet security.
In the past, users had to visit intentionally malicious sites or click on malicious email attachments to become a victim of a security threat. Today, hackers are compromising legitimate Web sites and using them as a distribution medium to attack home and enterprise computers. Symantec noticed that attackers are particularly targeting sites that are likely to be trusted by end users, such as social networking sites.
Attackers are leveraging site-specific vulnerabilities that can then be used as a means for launching other attacks. During the last six months of 2007, there were 11,253 site specific cross-site scripting vulnerabilities reported on the Internet; these represent vulnerabilities in individual Web sites. However, only 473 (about 4 percent) of them had been patched by the administrator of the affected Web site during the same period, representing an enormous window of opportunity for hackers looking to launch attacks.
Phishing also continues to be a problem. In the last six months of 2007, Symantec observed 87,963 phishing hosts – computers that can host one or more phishing Web sites. This is an increase of 167 percent from the first half of 2007. Eighty percent of brands targeted by phishing attacks during the study period were in the financial sector.
The report also found that attackers are seeking confidential end-user information that can be fraudulently used for financial gain and are less focused on the computer or device containing the information. In the last six months of 2007, 68 percent of the most prevalent malicious threats reported to Symantec attempt to compromise confidential information.
Finally, attackers are leveraging a maturing underground economy to buy, sell and trade stolen information. This economy is now characterized by a number of traits common in traditional economies. For example, market forces of supply and demand have a direct impact on pricing. Credit card information, which has become plentiful in this environment, accounted for 13 percent of all advertised goods — down from 22 percent in the previous period and sold for as low as $0.40. The price of a credit card in this underground market is determined by factors such as the location of the issuing bank. Credit cards from the European Union, for example, cost more than those from the United States; this is most likely due to the smaller supply of cards circulating in the E.U., which makes the card more valuable to a criminal. Bank account credentials have become the most frequently advertised item, making up 22 percent of all goods and selling for as little as $10.
ADDITIONAL KEY FINDINGS
- In 2007, Symantec detected 711,912 new threats compared to 125,243 in 2006 – an increase of 468 percent; this brings the total number of malicious code threats detected by Symantec to 1,122,311 as of the end of 2007.
- Symantec measured the release of both legitimate and malicious software during a portion of the reporting period and found that 65 percent of the 54,609 unique applications released to the public were categorized as malicious. This is the first time Symantec observed malicious software outpacing legitimate applications.
- Theft or loss of a computer or other device made up 57 percent of all data breaches during the last half of 2007 and accounted for 46 percent of all reported breaches in the previous reporting period.
- Government was the top industry sector for identities exposed, accounting for 60 percent of the total, an increase from 12 percent in the previous reporting period.
- A full identity can be purchased in the underground economy for as little as $1.
QUOTES
- “Avoiding the dark alleys of the Internet was sufficient advice in years past,” said Stephen Trilling, vice president, Symantec Security Technology and Response. “Today’s criminal is focused on compromising legitimate Web sites to launch attacks on end-users, which underscores the importance of maintaining a strong security posture no matter where you go and what you do on the Internet.”
- “Remaining vigilant and informed on the latest evolutions in the threat landscape is critical to maintaining a strong security posture,” said Adriano Diaz, vice president and information security manager, BankUnited. “Symantec’s Internet Security Threat Report continues to provide us with critical information on the most current online security trends, helping us better protect our information.”
RELEVANT LINKS
To find out more about threats facing today’s Internet users, visit the following resources:
- Symantec Internet Security Threat Report – To download the full report.
- XSSed Project – To understand more about site-specific cross-site vulnerabilities.
- Attrition.org Data Loss Archive and Database – To review publicly available information about data loss.
- SecurityFocus – To explore security databases and discussions of software vulnerabilities.
About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
http://www.symantec.com/about/news/release/article.jsp?prid=20080407_01