Tuesday, April 20, 2010

Cybercrime Toolkits for Neophytes Pose a Global Threat

Cybercrime toolkits are making it easy for even amateurs to attack computer systems and steal information, according to Symantec's latest security report. Symantec said social-networking sites, online banking, and global havens are boosting the cybercrime threat. Unpatched vulnerabilities remain a favorite target for hackers, with tools available.

The ready availability of attack toolkits is making it easier than ever for even neophyte attackers to compromise computers and steal information, Symantec says in a new Internet security report released Monday. Social-networking sites are also providing cybercriminals with the means to launch attacks on enterprises by leveraging the abundance of personal information available about key corporate executives.

According to Symantec, 75 percent of the enterprises it recently surveyed had experienced some form of cyberattack in 2009. One reason is the increasing popularity of online banking, which Symantec credited with boosting threats to confidential files from 83 percent in 2008 to 98 percent last year.

"Attackers have evolved from simple scams to highly sophisticated espionage campaigns targeting some of the world's largest corporations and government entities," said Symantec Senior Vice President Stephen Trilling. "The scale of these attacks -- and the fact that they originate from across the world -- makes this a truly international problem requiring the cooperation of both the private sector and world governments."

Attack Toolkits

The advent of inexpensive cybercrime attack toolkits has lowered the bar to entry, Trilling noted. For example, a Zeus (Zbot) toolkit priced around $700 -- or in some cases available for free download -- automates the process of creating customized malware capable of stealing personal information.

Variants of the Zeus kit use spam to lure surfers to a web site that uses social engineering or that exploits a browser vulnerability to install the bot on a victim's computer, Symantec said.

"The bot then allows remote access to the computer and can be used to steal information such as the user's online banking credentials," the report noted. "Each bot can then be used to send additional spam runs to compromise new users."

Moreover, attackers have learned to employ social-engineering techniques to lure unsuspecting users to malicious web sites that attack the victim's browser as well as vulnerable plug-ins for viewing videos and documents. During 2009, PDF files accounted for 49 percent of all observed web-based attacks -- up from 11 percent in 2008.

Symantec believes it likely that attackers are targeting browsers and PDF reader plug-ins because the two technologies are among the most widely deployed on the Internet.  sci-tech-today

No comments:

Post a Comment