Kaspersky Lab researchers reveal the latest threats we all need to watch out for
On 26 June, Kaspersky Lab held its 10th annual Virus Analysts Summit in Dubrovnik, Croatia. At the event the company's chief security researchers discussed the latest online threats to target businesses and consumers.Chris Jager flew to Dubrovnik as a guest of Kaspersky Lab.
Over a full day of presentations, key members of Kaspersky Lab's team reported on current trends in the malware world, with a particular focus on mobile threats, Web 2.0 and ATM scams. The audience included journalists from more than 25 countries.
The first speaker was Roel Schouwenberg, a senior antivirus researcher for Kaspersky Lab, with the address "The (Non)-Patching Users — a Look From the Trenches".
During his speech, Schouwenberg highlighted a recent surge in "legitimate website" attacks. Pornographic Web sites and sites offering illegal software downloads are no longer the primary target for cyber criminals.While Web browsers and operating systems are still under threat, cyber criminals are also turning to other applications. This is for a number of reasons, including simplistic security coding, a reluctance by users to pay for new updates and the widespread use of pirated software. According to Kaspersky Lab's research, major targets include Apple QuickTime, Sun Java JDK/SRE, Microsoft PowerPoint, Microsoft Word Smart Tag, Adobe Flash Player, Microsoft Excel, Microsoft Outlook, Microsoft XML Core Services, Microsoft Publisher and Adobe Acrobat Reader. Microsoft, Adobe and Apple remain the most commonly targeted vendors.Malicious PDFs and Office documents remain a popular means of sending targeted attacks via e-mail. Schouwenberg also discussed the inner workings of the Kaspersky Security Network, a new tool for home users that gathers statistics from vulnerable applications during each system scan. This information can then be used by Kaspersky Lab researchers to combat future attacks.Schouwenberg listed several ways to fight the malware problem, including blocking computer access to known malicious Web sites, behavioural monitors that look for suspicious activity, scanning the system for vulnerable applications and educating end users.
Next to take the floor was Dennis Maslennikov, senior malware analyst and mobile research group manager, with the address Mobile Threats -- Generation 2009.
During his presentation, Maslennikov discussed the landscape of mobile malware. Malicious mobile software is no longer limited to smartphones and PDAs, explained Maslennikov: normal mobile phones are also under threat from viruses, Trojans and worms.Since 2008, cyber criminals have been making money from malicious software targeting mobile devices, with the number of mobile viruses increasing by 184 per cent since August 2006. Because there is no clear market leader in the mobile phone space, most cyber criminals rely on cross-platform malicious code to reach as many phones as they can. According to Kaspersky Lab's research, many cyber criminals are now using social-networking sites and instant messaging to promote mobile malware (e.g. urging people to phone numbers or send text messages in exchange for various services).Unsurprisingly, pornographic applications are one of the main baits used by mobile cyber criminals. SMS phishing also remains popular. For example, a message purporting to be from the phone owner's bank may urge them to call a number and provide personal information. To combat mobile malware threats, Maslennikov recommended that mobile phone users should learn as many facts about mobile malware as they can so they'll know what to look out for.
The third speaker was Kaspersky Lab's Stefan Tanase with the address "When Web 2.0 Sneezes, Everyone Gets Sick".
Tanase gave an overview of how Web 2.0 and has affected cyber crime. Over the past year, there has been a surge of attacks on sites such as Facebook, Flickr and YouTube. Cyber criminals divert traffic from social networks to Web sites that host malicious content. Furthermore, applications like those found on Facebook can contain malicious code. Tanase criticised the companies involved with Web 2.0 enterprises for not being security aware, citing a breech in Twitter's administration as an example. Cyber criminals are also scamming Web 2.0 users via traditional methods. One example was a bogus tool that purportedly lets you access anyone's Facebook account for a fee of $50.According to Kaspersky Lab's Global Research and Analytics Team, attacks through social-networking sites have a success rate of 10 per cent, compared to just 1 per cent for malicious e-mails. This is because users are more likely to click a link on a social-networking site than one in a spam e-mail.In conclusion, Tanase said there was a need to educate end users about the emerging threat of Web 2.0 applications. Many users are simply unaware that they are vulnerable: "The 'human factor' is the main driver for these attacks... The most common problem with computers still lies between the screen and the chair."
The last speaker for the day was Sergey Golovanov, senior malware analyst (Non-Intel Research Group Manager), with the address "From Worms to ATMs".
Golovanov gave an example of how cyber criminals are making money from malicious software. After infecting approximately 5 million computers with a worm, its developers offered infected users a rogue anti-virus program for $50 that would fix the problem. Clearly, even if only a fraction of infected users purchase the program, the culprits have made a significant profit. Golovanov also discussed the economy of cyber crime, with hackers and malware developers exchanging worms and exploits for cash or a percentage of profits. According to Kaspersky Lab's research, the four main "cash cows" for these affiliate networks are adult Web sites, spam, rogue anti-spyware and password-stealing malware.
Key members of Kaspersky Lab took questions from the gathered journalists. When asked if they see themselves as the FBI of computer crime, Kaspersky Lab's Timur Tsoriev quipped: "We have to move much faster than the FBI."
Countries represented on the Kaspesky Lab Press Tour included Spain, Germany, Belgium, France, Japan, the USA, Australia, Israel and the United Arab Emirates.
After the summit, Kaspersky Lab CEO [[artnid:309724|Eugene Kaspersky]] hosted a gala dinner within the halls of Fort Revelin, accompanied by traditional Dalmatian folk music and dancing.
Before heading home, Kaspersky Lab treated its guests to a cruise on the 'Karaka' replica galleon.
One brave soul leaps in at the deep end.
Eugene Kaspersky encourages his employees to bring their families along to international events such as this one.
Eugene Kaspersky takes some time out from fighting cyber criminals.
Don’t have an account? Sign up here
Don't have an account? Sign up now