Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2012
    S M T W T F S
    « Aug   Oct »
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    30  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for September, 2012




    The vast number of users on the Internet definitely makes for a lucrative market for businesses. We see more companies offering social media, gaming, e-Commerce, banking, and other services online. At 2.6 billion, the world’s web surfers exceed the population of China and India combined! That’s a big potential market!

    With more services available, online activity every 24 hours has risen by the millions, even billions. Here are some examples:

    • The number of email messages sent every day almost quadrupled from 97 billion in 2007 to 419 billion today.
    • There are almost thrice as many active Starcraft players today (500,000) as there were active Battle.net users (200,000) in 2004.
    • Since its release in 2004, the often phished online role-playing game, World of Warcraft now has 9.1 million subscribers.

    Apart from entrepreneurs, cybercriminals have also taken advantage of the dramatic increase in online engagement. The 150,000 average unique daily threats we see today dwarfs the mere 57 count we saw back in 2006. As a result, more spam, malware, and bad URLs now exist in cyberspace.

    The threats nowadays are not only increasing in quantity, but in sophistication as well. The basic protection we used to rely on is not enough against new generation threats. Along with virus protection and rootkit detection, social networking security is a must in this age of digital interaction. Users need to have a good web reputation service to block access to malicious URLs and configure privacy settings in their social networking accounts so as to keep critical information safe.

    Also, old spam filters may not work as well as combined anti-spam and optimized firewall can against threats like the Blackhole Exploit Kit that target users through spam messages bearing links to exploits, among others. Specialized platform security is also relevant, especially as more threats will likely aim at the upcoming Windows 8 Metro and the growing Mac OS market.

    Find out more on how you can revive security through redefined basic protection through our new infographic, “Are You Safe Online?

     
    Posted in Bad Sites, Data | Comments Off



    From being perceived as a luxury, smartphones have already transcended to become a must-have among users. But not all is glitter in the world of mobile device technology. With their growing popularity comes with certain issues, including battery life and the presence of power-hungry mobile adware.

    Despite offering impressive resolutions and more advanced features, users are more concerned with their devices’ battery life. Though manufacturers are poised to offer devices with longer battery life, certain trends such 4G/LTE potentially offsets battery enhancements.

    Usage certain apps and ads were also found to be power-hungry activities. In particular, ads displayed on mobile devices were also found to consume 65-75 percent of energy in free apps, as per a Purdue University and Microsoft study.

    In August, we saw an increase of adware in Android applications. While these apps can have malicious routines like collecting user’s personal information, they also pose risks to battery life.

    To know more about these trends in mobile devices and the increasing risks of mobile adware, read our first Mobile Monthly Review, “The Growing Problems of Mobile Adware.”

    More information on mobile threats and best practices can be found in Trend Micro’s Mobile Threat Information Hub.

     
    Posted in Malware, Mobile | Comments Off



    Recently, I talked at the VB2012 conference in Dallas about one of the recent developments in today’s threat landscape: the increasing prevalence of police ransomware. Earlier, Trend Micro published a white paper discussing this threat, titled The “Police Trojan”.

    The idea behind ransomware is relatively simple: the cybercriminals block the user from accessing their own computer. This continues until the user pays the cybercriminal money in order to unlock their system. We first saw this type of threat in Russia back in 2005 to 2006.

    More recently, we’ve seen this threat spread to other countries. Using geo-location, users are presented with a notice – supposedly from local police – that they have committed some crime, and to unlock their PC they need to pay a “fine” of some sort.

    As we looked into this threat, we found that this threat was, in someways, similar to previous fake antivirus threats. Multiple gangs produce their own variants; the social engineering is very good at getting users to pay up, and new versions are appearing all the time. Affiliate programs are also used to monetize this threat.

    We found at least two groups of suspects that run separate affiliate programs. Each group targets different countries, and use locally available payment schemes. There are also differences in the Trojans themselves.

    One of these groups uses server-side scripts to serve the appropriate images and scripts, depending on the user’s country:

    A second group uses a different technique. Here, the images and scripts are embedded in base64-encoded PHP code. The images and scripts are never downloaded separately, as they might be in the first case.

    In cases where the user’s country can’t be determined (or, perhaps, not being targeted by the cybercriminals), a more “conventional” alert, similar to that used by FAKEAV attacks, is displayed.

    How do cybercriminals get their money? Instead of using credit cards, victims are asked to purchase vouchers for electronic cash. Two providers, Ukash and paysafecard, are frequently used by cybercriminals. Both of these services are legitimate; however the vouchers are like cash in that there is no record if they actually change hands.

    What happens is that cybercriminals take the vouchers they have gathered and sell them to various exchange sites, for around 40-50% of the voucher’s face value. The exchanges, in turn, sell these to other users for up to 90% of their value.

    This highlights how cybercriminals are trying out new schemes in order to replace old ones which may have become less effective. New cybercriminal groups arrive on the scene; new business models are created. It is up to the security industry to keep up to protect users.

    For further details about these attacks, you may read the following blog posts:

     



    Posts masked as the fake web app “TumViewer” and “Online Income Solutions” were seen circulating on the popular blogging site Tumblr. Both offer something to Tumblr users, but in reality, they are social engineering lures meant to hook users into another run-of-the-mill survey scams.

    TumViewer and Online Income Solution: Just Another Survey Scam

    Several Tumblr posts were seen promoting “TumViewer” web app. This free app supposedly allows users to see who viewed their pages, which posts were viewed, and how often they were viewed. “TumViewer” appeared to be a minor hit among certain users, as we also noticed some tweets circulating on Twitter that promote the same app.

    Read the rest of this entry »

     
    Posted in Data, Social | Comments Off



    When it comes to multiple passwords, are you someone akin to the mighty elephant who never forgets, or are you one with the memory of a goldfish?

    Here at the Security Intelligence blog, we’ve talked about passwords at length. From recent events that involve mass password leakages to how to improve your existing passwords, we’ve written quite a bit to stress just how important these strings of letters and numbers are and how to make them more secure. But what about keeping track of every single one of them when you’ve got more than you can reliably remember? With an average user juggling up to 10 accounts at once, memorizing each and every password you have can prove to be quite the challenge.

    It’s with this e-guide that we strive to help you, the everyday user, against this conundrum that all of us will face sooner or later. Not unlike a set of keys, passwords carry with them quite dire consequences should they fall into the wrong hands. In this document, we provide ways in which to prevent such an occurrence from happening, as well as specific tips and tricks to aid you not only in remembering your passwords better but also in their creation.

    We can’t all be elephants, after all. Even us goldfishes need to keep their passwords secure.

     
    Posted in Data | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice