Criminals Increasingly Blend IT ThreatsBy Matt Hines | Posted 07-07-2006
Security researchers at software maker MessageLabs contend that malware writers, hackers and other cyber-criminals are combining multiple forms of IT threats in an attempt to amplify their efforts.
In the company's latest IT security intelligence report, MessageLabs experts said that criminals are converging their attacks across multiple communications channels, such as e-mail, instant messaging networks and Web sites, and are also pulling together information-gathering techniques, including spyware, spam and phishing schemes, as they seek new ways to menace businesses and consumers.
As businesses and home users have become increasingly savvy about traditional threats delivered via e-mail attachments, criminals are finding new ways to lure end users to consume their attacks, according to the report. Researchers specifically cited a growth in the number of threats that use spam e-mail messages or IMs to distribute links to Web sites where malware or spyware is secretly downloaded to end users' computers.
Criminals are also using data garnered from PCs already infected with their botnet virus code to refine their other spam and spyware efforts, said Paul Wood, senior analyst with New York-based MessageLabs. At the end of the day attackers are using any means they can find to build more detailed profiles of individuals in the name of committing identity theft or other forms of fraud against them, he said.
"As a consequence of businesses more closely watching and filtering e-mail, cyber-criminals are looking for other ways to defeat perimeter defenses and creating much smaller-scale attacks aimed at more targeted audiences," said Wood. "There are fewer attacks delivered via attachments, but far more phishing-like schemes that lure people to malicious Web sites; the HTTP protocol still isn't locked down at most businesses."
A perfect example of the trend toward converged attacks can be found in a newly discovered threat aimed directly at users of eBay's PayPal online payment site. The attack uses a phishing e-mail in an attempt to persuade PayPal customers to call a phony customer service call center where they are asked to disclose personal information including their credit card details by an automated voice system.
Using other common forms of converged attacks, criminals are creating Web sites that distribute small "dropper" malware files that secretly infiltrate PCs and later deliver larger Trojan viruses. Botnet operators are also becoming more sophisticated, using spyware loaded onto the machines they control to garner personal information that can be used to help target other attacks, MessageLabs said.
Read the full story on eWEEK.com: Criminals Increasingly Blend IT Threats