Targeted security threats
Kenneth Liew
06/07/2007

Trend Micro has reported an increase in targeted information security threats for the last five quarters. The report revealed that more targeted attacks are using social engineering tactics and replacing mass, fast spreading worms.

Trend Micro has released its Q1 security threat landscape report that highlights a significant increase in attacks that aim for specific users instead of a large-scale epidemic.

According to Trend Micro analysts, these targeted attacks are replacing global mass outbreak as hackers are now motivated by monetary rewards rather than gaining notoriety. These cyber criminals remain anonymous in the background as they design variants that continually change and move to avoid detection from anti-virus software.

"This report spells out the changing landscape of online threats as cyber criminals grow in sophistication. The motivation and modus operandi has evolved as users get more careful with their online habits, which then force these criminals to devise new ways to lure users," said Ross Wilson, managing director, Consumer Products and Services, APAC Region, Trend Micro Singapore.

"The challenge is for consumers to realise and understand these threats, especially since the recent threats are more insidious than before. Personal and business users need to equip themselves with the right set of knowledge and a robust anti-virus solutions to completely immunise themselves against these threats," he added.

Key findings of the report include:

Social engineering is the most popular strategy
The report states that these attacks employ social engineering to lure users into their websites or opening attachments in their emails. In February 2006, a Trojan horse spyware called TROJ_VB spread by drawing on the news of Australian Prime Minister's heart attack to trick unsuspecting users to visit a fake news website. Once the user visited the page, the spyware triggered an automatic downloading programme and captured the banking information on the network without the user ever knowing.

Asian spam is on the rise
Japanese and Chinese language spam made up the biggest non-English spam at 58 per cent and 33 per cent respectively. This meant that it overtook Russian and Spanish as the largest non-English groups. According to Trend Micro, the reason there is an increase in Asian spam is the less stringent legislation against it as compared to Europe and US.

Gambling websites have become phishing targets
Trend Micro discovered the first online gambling website to be a target of phishing. Members of PartyPoker's website had their online account information stolen when they logged in to the fake website.

This is apparent in the growth of phishing websites during the last quarter when compared to last year's figure. The increase in number was mainly due to the release of Rock Phish kits that made it easier for amateur hackers to create phishing sites at the end of 2006. According to Gartner, Americans suffered US$2.8 billion in financial losses because of phishing in 2006, out of which the Rock Phish organisation gets more than US$100 million.

Discovery of spyware that deletes illegally downloaded media files
A breed of malware emerged from Japan last year that deleted all illegally downloaded music and video files. The two variants, TSPY_DENUTARO and TSPY_DENUTARO.DM are believed to have been executed by an anti-piracy organisation. The file appeared as a .ZIP file and once clicked, will start to delete media files and this message in Japanese then appears:

"Although Isamu Kaneko has already been sentenced, are you still using Winny? I hate people like you who use Winny."

Winny is Japan's most popular P2P file sharing application and its author, Isamu Kaneko was convicted last year for assisting copyright violators and sentenced to pay a fine of 1.5 million yen.

For a copy of the full report, go to www.trendmicro.com.

advertisement