New McAfee Research Shows Regionalized Malware Rising
More Attacks Tailored to Different Cultures and Technologies
SANTA CLARA, Calif., Feb. 21 /PRNewswire-FirstCall/ -- Cybercriminals
are increasingly crafting attacks in multiple languages and are exploiting
popular local applications to maximize their profits, according to a new
McAfee, Inc. (NYSE: MFE) report released today.
"This isn't malware for the masses anymore," said Jeff Green, senior
vice president, McAfee(R) Avert(R) Labs. "Cybercrooks have become extremely
deft at learning the nuances of the local regions and creating malware
specific to each country. They're not skilled just at computer programming
-- they're skilled at psychology and linguistics, too."
McAfee Avert Labs examined global malware trends in its third Sage
report, titled "One Internet, Many Worlds." The report is based on data
compiled by McAfee's international security experts and examines the
globalization of threats and the unique threats in different countries and
regions. In the report, McAfee details the following trends and
conclusions:
-- Sophisticated malware authors have increased country-, language-,
company-, and software-specific attacks
-- Cyberattackers are increasingly attuned to cultural differences and
tailor social engineering attacks accordingly
-- Cybercrime rings recruit malware writers in countries with high
unemployment and high levels of education such as Russia and China
-- Cybercriminals take advantage of countries where law enforcement is lax
-- Around the world, malware authors are exploiting the viral nature of
Web 2.0 and peer-to-peer networks
-- More exploits than ever before are targeted at locally popular software
and applications
"Malware has become more regional in nature during the past couple of
years," said Green. "This trend is further evidence that today's
cyberattacks are targeted and driven by a financial motive, instead of the
glory and notoriety of yesteryear's cybergraffiti and fast-spreading worms.
We're in a constant chess match with malware authors, and we're prepared to
counter them in any language they're learning to speak."
Geographical trends:
The United States: The Great Malware Melting Pot
Once the launching pad of all malware, today malware in the US includes
elements of malicious software seen around the world. Attackers use
increasingly clever social engineering skills to trick victims and are
looking to exploit the viral nature of Web 2.0. Although the United States
has cybercrime laws in place, the lack of international cybercrime laws and
the differences in extradition treaties make it difficult for enforcement
agents to prosecute criminals across borders.
Europe: Malware Learns the Language
With 23 languages in the European Union alone, language barriers used
to be a hurdle for miscreants. Consumers in non-English speaking countries
often simply deleted English-language spam and phishing e-mail. Today
malware authors adapt the language to the Internet domain site where the
scam message is being sent, and malicious Web sites serve up malware in a
language determined by the country the target is located in. Cultural
events such as the FIFA soccer World Cup in the summer of 2006 prompted
email scams and phishing sites luring in soccer lovers. With the increased
sophistication of malware, computer users in the EU are under attack.
China: Virtual Entertainment
With more than 137 million computer users -- a quarter of whom play
online games -- malware authors are cashing in on virtual goods, currency,
and online games. A majority of the malware found in China is
password-stealing Trojans -- designed to steal users' identities in online
games and their credentials for virtual currency accounts. China has also
become a breeding ground for malware writers, as a large number of skilled
coders do not have legitimate work. The conditions have driven these
hackers to cybercrime in search of money.
Japan: Losing to Winny -- Malware Spreads from Peer to Peer
Winny, a popular peer-to-peer application in Japan, is prone to malware
infestations that can cause serious data leaks. When deployed in the
corporate setting, malware on Winny can expose data, steal passwords, and
delete files. Unlike in most countries, malware authors in Japan are not
motivated by money -- instead authors seek to expose or delete sensitive
data on machines. Another common target in Japan is Ichitaro, a popular
word processor. There have been several attacks against Ichitaro users that
exploited unpatched security vulnerabilities to install spyware on the
target machines.
Russia: Economics, Not Mafia, Fuel Malware
The technical skills of Russians in a stumbling economy make for an
active market of hackers. Some of the most notorious attack toolkits are
produced in Russia and sold in underground markets. These gray-market
malware tools, combined with lack of legislation against cybercrime, lead
experts to believe that the Russian mafia will soon -- if they haven't
already -- latch onto computer crime. Although the Russian economic
situation, like that of China's, has driven many hackers to a life of
cybercrime, Avert Labs predicts that with a strengthening economy and
stronger law enforcement, Russian-made malware will gradually decrease.
Brazil: Bilking the Bank
Miscreants have made an international showcase out of Brazil when it
comes to bilking online bank accounts. With a majority of Brazilians
banking online, cybercrooks use sophisticated social engineering scams to
trick Brazilians into giving up personal information. In 2005 alone, the
Brazilian Banks Association estimated losses at R$300 million (about $165
million USD) due to virtual fraud. Malware creators rapidly adapt
password-stealing Trojans to the changes banks make to their Web sites.
Global View of Threats -- By the Numbers:
-- 371,002 -- Total threats identified by McAfee Avert Labs as of Feb. 1,
2008
-- 131,800 -- Threats identified by Avert Labs solely in 2007
-- 53,567 -- Unique pieces of malware in 2006
-- 246% -- Growth of malware from 2006 to 2007
-- 527 -- New malware identified daily by Avert Labs at the start of 2008
-- 750 -- Expected number of new malware identified daily by Avert Labs at
the end of 2008
"It's mind-boggling how sophisticated and savvy some of these attacks
are," said Joe Telafici, vice president of Avert Labs operations.
"Cybercriminals are learning to exploit the cultural uniqueness of computer
users around the world. But our global team of experts is prepared to fight
against them and protect users."
The Sage report is available for download through the McAfee Threat
Center: http://www.mcafee.com/us/threat_center/default.asp.
About McAfee Avert Labs
McAfee Avert Labs maintains one of the top-ranked security threat and
research organizations in the world, employing researchers in sixteen
countries around the globe. The Labs combine world-class malicious code and
anti-virus research with intrusion prevention and vulnerability research
expertise.
About McAfee, Inc.
McAfee, Inc. is the leading dedicated security technology company.
Headquartered in Santa Clara, California, McAfee delivers proactive and
proven solutions and services that secure systems and networks around the
world. With its unmatched security expertise and commitment to innovation,
McAfee empowers home users, businesses, the public sector, and service
providers with the ability to block attacks, prevent disruptions, and
continuously track and improve their security. http://www.mcafee.com.
McAfee and/or other noted McAfee related products contained herein are
registered trademarks or trademarks of McAfee, Inc., and/or its affiliates
in the US and/or other countries. McAfee Red in connection with security is
distinctive of McAfee brand products. Any other non-McAfee related
products, registered and/or unregistered trademarks contained herein is
only by reference and are the sole property of their respective owners. (C)
2008 McAfee, Inc. All rights reserved.
SOURCE McAfee, Inc.
 back to top
Related links:
http://www.mcafee.com/
CONTACT:
Joris Evers of McAfee, Inc., +1-408-346-3310,
joris_evers@mcafee.com; or Mindy Whittington of Red Consultancy,
+1-415-618-8811, mindy.whittington@redconsultancy.com
|
