Phishers Up Ante With 5x Spike In Trojans - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News
News
7/15/2005
04:36 PM
50%
50%

Phishers Up Ante With 5x Spike In Trojans

Security experts think a large-scale, coordinated phishing campaign is being waged by computer criminals, because of a big run-up in the number of Trojan horses, Trojan horse downloaders, and new malicious sites.

A massive run-up in the number of Trojan horses and Trojan horse downloaders, as well as a corresponding jump in the number of malicious sites, over the last three weeks means that a new, large-scale, coordinated phishing campaign is being waged by criminals, a security vendor said Friday.

Websense, a San Diego-based security company, has detected a four- to five-fold increase in the number of Trojans during the last week of June and especially the first two weeks of July, said Dan Hubbard, Websenses senior director of security.

In July alone, weve seen more than a thousand different sites that are hosting this malicious code, and more than 100 unique Trojans, Hubbard added.

The Trojan horses are either planting keyloggers on compromised systems, or retrieving downloaders that in turn install a keylogger, said Hubbard. All have the same goal: snatch usernames and passwords to specific online banking sites so that the criminals can empty accounts.

The keyloggers are going after a specific list of banks, and dont invoke themselves until or unless the user accesses the banks Web site, said Hubbard. That list of banks, he noted, is hard-coded into the keylogger.

Once in possession of the account access username and password, the keylogger then transmits the information back to the attacker(s), sometimes in an encrypted form using SSL (Secure Socket Layer). Because its using HTTPS, the traffic is undetectable, said Hubbard, another way that phishers are camouflaging their criminal acts. While the technique isnt new, it is seeing wider user by phishers.

The Trojan horses (and thus the keyloggers) are installed after a user naively surfs to a malicious site linked in an e-mail or instant message, said Hubbard -- a now-standard tactic by hackers and phishers of all kinds. Those sites, which number in the hundreds, are hosted on free-of-charge U.S.- and U.K.-based Web hosting services, typically disguised as personal home pages, blogs, and home-made Web directories.

The e-mails and IMs that entice users to these sites run the range from those claiming to be a message from an ISP or a companys IT department to others allegedly from friends sending electronic greeting cards, said Hubbard.

Theyre using good old-fashioned social engineering, he said.

And it seems to be the work of a tight group of criminals. Based on the similarities, there are a small number of people behind this, Hubbard said.

This further quantifies the fact that Trojan horses are gaining on worms. For now, worms are still the most frequent item on the hacker food chain, he concluded.

But with numbers jumping like this, maybe not for long.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll