• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Bad Sites   »   1Q 2014 Security Roundup: Cybercrime Hits the Unexpected

1Q 2014 Security Roundup: Cybercrime Hits the Unexpected

  • Posted on:May 13, 2014 at 5:20 am
  • Posted in:Bad Sites, Botnets, Exploits, Malware, Mobile, Spam, Vulnerabilities
  • Author:
    Trend Micro
1

The first quarter of the year saw cybercrime hit targets that may not have been considered worthwhile in previous quarters. Multiple Bitcoin exchanges found themselves the victims of various attacks and were forced to close shop. The most high-profile victim Mt. Gox, which had been, at one time, the leading Bitcoin exchange in the world.

Exchanges were not the only target. With more than 12 million Bitcoins in existence – with a value of 6-8 billion US dollars – it was only a matter of time before Bitcoins were targeted for theft in the same way that real-world currencies are. Multiple malware families targeted the Bitcoin wallets of users in order to steal their contents.

Despite the best intentions of the creators and many users of Bitcoin, its perceived anonymity and privacy has meant that many cybercriminal elements have adapted the cryptocurrency as well. For example, CryptoLocker ransomware frequently asks for payment in Bitcoin. In many cybercrime marketplaces, underground tools are also bought and sold with Bitcoin as the form of payment.

This shouldn’t be taken to mean that ordinary cybercrime threats have gone away. Take conventional online banking malware: it is up over the same period last year, with the United States, Japan, and India the three most affected countries.

Figure 1. Countries Most Affected by Online Banking Malware

Ransomware in the form of CryptoLocker also continued to affect users. As has been the case with previous ransomware threats (like the Police Trojan), CryptoLocker and similar threats have become “regional”, with variants specifically targeting users in Hungary and Turkey. Only 28% of ransomware victims are in the United States, so these tactics make perfect sense.

Figure 2. Countries Most Affected by Ransomware

Large-scale cybercrime threats continued as well. Multiple large-scale incidents of malware affecting point-of-sale (POS) terminals resulted in millions of credit card credentials being stolen, resulting in millions of dollars of losses. These attacks used techniques that would not be out of place in a more sophisticated targeted attack; they highlighted the importance of custom defence strategies.

Mobile malware continued its inexorable growth, with the total number of mobile malware and high-risk apps exceeding two million. More than 647,000 apps of these were found in the first quarter alone. Adware surpassed premium service abusers in number, in part due to pushback from cellular service providers. In addition, security vulnerabilities were also found in Android that could leave users in an infinite boot loop.

For more details about these and other security threats in the first quarter, check our security roundup titled Cybercrime Hits the Unexpected.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»
Tags: 1Q 2014cybercrimefirst quarterQ1 2014security rounduptrend micro

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
  • August Patch Tuesday Fixes Critical IE, Important Windows Vulnerabilities Exploited in the Wild
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.