Cybercriminals Target Broad Range of Victims in January

  • Feb 08, 2012

January saw malware attacks targeting a wide range of potential victims, including gamers looking for a Pro Evolution Soccer 2012 game crack, small business owners concerned about the reputation of their business, and government organizations receiving spoofed messages from the United States Computer Emergency Readiness Team (US-CERT).

GFI Software, providers of Web and mail security, recently released its VIPRE Report for January 2012; a collection of the 10 most prevalent threat detections encountered during the month. 

“While cybercriminals may not be picky about their choice of victims, their choice of tactics is anything but haphazard," said Chris Boyd, senior threat researcher at GFI Software.“Anyone who goes on the internet is a potential target for cybercriminals looking to infect systems and scam users. Malware writers and phishers do not discriminate. They purposefully cast a wide net when picking their methods of attack in order to reach as many targets as possible. Whether you are a young gamer, a successful business owner or a government employee, you need to be wary when clicking on links that appear to pertain to your interests, especially when asked to submit personal information online.”

In addition to malware writers installing rootkits on the systems of gamers who were looking for a pirated release of Pro Evolution Soccer 2012, developed by Konami Digital Entertainment, Inc., scammers also latched onto the buzz surrounding the upcoming fourth installment of the Halo video game series, developed by 343 Industries, by offering bogus beta invites in return for filling out surveys and recommending links on Facebook and Google+. These attacks leverage the popularity of these titles among the gaming community and are meant to take advantage of the mistakes some users might make when acting out of excitement about a favorite game franchise.

January also brought phishing emails posing as notices from the Better Business Bureau, claiming that a customer had filed a complaint against the recipient. The messages contained links to malware created using the Blackhole exploit kit. Government body US-CERT served as another disguise for cybercriminals attempting to bait unwitting victims into opening a file that contained a variant of the Zeus/Zbot Trojan. Meanwhile, Tumblr users were baited with “free Southwest Airlines tickets” in exchange for taking surveys and submitting personal information by a phony “Tumblr Staff Blog.”

Malware writers and internet scammers also sought to attack a wider cross-section of the population when opportunities presented themselves to creatively piggyback on hot news topics and highly trafficked websites. This past month, the shutdown of popular file hosting website Megaupload led to a domain typo scam targeting both the regular users of the website as well as visitors who were interested in seeing the FBI notice posted on the site. Once the victims reached the misspelled URL, they were redirected to various sites promising fake prizes and asking for personal information.

“While cybercriminals may not be picky about their choice of victims, their choice of tactics is anything but haphazard,” continued Boyd. “Cybercrime campaigns are designed to cripple systems and steal personal information, but first they have to reach the victim. Once they know the profile of the group they want to attack, they will do anything they can to increase their chances of success and fool users into playing along.”

Top 10 Threat Detections for January

GFI’s top 10 threat detection list is compiled from collected scan data of tens of thousands of GFI VIPRE Antivirus customers who are part of GFI’s ThreatNet automated threat tracking system. ThreatNet statistics revealed that Trojans continue to be the most pervasive threat, taking half of the top spots for January 2012.

Detection                                        Type                                     Percent
Trojan.Win32.Generic                   Trojan                                   35.1
Yontoo (v)                                        Adware                                  2.23
FraudTool.Win32.FakeRean       Rogue Security Program   1.62
INF.Autorun (v)                                Trojan                                    1.28
Trojan.Win32.FakeAV.mqa (v)     Trojan                                    1.21
Trojan.Win32.Ramnit.c (v)            Trojan                                   0.94
Exploit.PDF-JS.Gen (v)                  Exploit                                   0.86
GameVance (fs)                             Adware                                  0.82
Pinball Corporation. (v)                 Adware                                  0.79
Trojan.Win32.Jpgiframe (v)          Trojan                                    0.77

Featured

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

  • The Progress of Biometrics

  • Next-Gen AI for Smart Cities

    The future of smart city technology is not being shaped in Silicon Valley — it is taking root in Dubuque, Iowa. With a population of about 60,000, this mid-sized city has become a live testbed for AI-driven traffic management thanks to a unique public-private collaboration led by Milestone Systems. Project Hafnia demonstrates how cities can transform urban mobility and safety through Responsible Technology—without costly infrastructure overhauls. Read Now

Most   Popular

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.