• E-mail
• Print
• Comment
• Font Size
• Digg
• del.icio.us
• Discuss article

APWG Announces Availability of Internet Crimeware Report

Posted on: Tuesday, 24 October 2006, 09:00 CDT

The Anti-Phishing Working Group has issued a joint report with the Department of Homeland Security and SRI International on the role of crimeware in enabling new forms of financial crime on the public Internet. The report is titled "The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond", and can be downloaded here: http://www.antiphishing.org/reports/APWG_CrimewareReport.pdf

"Crimeware is the latest technological attack on identity and access control on the Internet. Instead of viruses, which were spread largely to gain notoriety for their authors, crimeware is malicious software designed to steal identity information such as passwords and sensitive user information. Unlike email phishing, crimeware can be very hard to detect, and many organizations are unaware of the scope of this emerging threat. This report hopefully can serve as an educational tool for security professionals and risk managers alike." said David Jevans, Chairman of the APWG.

The report details the innovative and penetrating mechanisms that phishers are employing to spread crimeware including:

Attachments sent via email or instant message - or in an apparently discarded hardware devices such as USB keys;

Piggybacking schemes in which crimeware is embedded into another piece of software such as an apparent shareware application;

Internet Worms that exploit vulnerabilities within networks and PCs to propagate themselves and install back doors and other crimeware applications;

Web Browser Exploits in which browser vulnerabilities are leveraged to directly infect PCs from the compromised server by the pages being viewed or by injecting crimeware code remotely via scripting exploits into the PC;

Distribution via Hacking in which crimeware is installed manually by hackers who have discovered or exploited vulnerabilities that give them access and control of a PC;

And Distribution via Affiliate Marketing in which marketing programs provide incentives to 1) install malware on visitors PCs, some of which can be later exploited to plant crimeware or 2) to directly install crimeware on visitors' PCs.

APWG data from the 12 months between May 2005 and May 2006 tells the story of runaway proliferation of crimeware. In that time frame, the number of unique applications for password stealing that were detected in a single month grew from 79 to 215, almost tripling in detected frequency. The number of URLs employed by criminals to spread crimeware expanded at around twice the rate of crimeware code development, however, rising from 495 detected URLs in May 2005 to 2100 in May 2006 after peaking at 2683 in April, 2006.

"The crimeware story is one of innovation in developing criminal code to be sure, but we see a lot of the same mechanisms, like keyloggers, being redrafted again and again. The big mission for organized crime is not so much creation of completely new innovations in crimeware but to find ways to deliver it successfully to the PC," said Chairman Jevans.

Industry leaders, researchers, law enforcement representatives, government ministers, and Computer Emergency Response Team managers from across the globe are converging on Orlando from November 14 through 17th to attend the APWG's General Members Meeting and the eCrime Researchers Summit, where report author Aaron Emigh will present the paper to principal investigators and conferees in the summit's Phishing and Crimeware segment.

The General Members meeting is an event closed to all but APWG members and research partners. The inaugural eCrime Researchers Summit on November 16 and 17, however, is an open event. The agenda for that event is here:

http://www.antiphishing.org/events/2006_researchSummit.html

The Anti-Phishing Working Group (APWG) is an industry association focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing and crimeware. Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community and solutions providers. There are more than 1,500 companies and government agencies participating in the APWG and more than 2,500 members. The APWG's web site (http://www.antiphishing.org) offers the public and industry information about phishing and email fraud, including identification and promotion of pragmatic technical solutions that provide immediate protection. APWG's corporate sponsors include: 41st Parameter, 8e6 Technologies, Able NV, ActivCard (ACTI), Adobe (ADBE), AhnLab, Aladdin Knowledge Systems (ALDN), Anakam, Anonymizer, BBN Technologies, BlueStreak, Brandimensions, Clear Search, Cloudmark, Comodo, Corillian (CORI), Cydelity, Cyveillance, DigitalEnvoy, DigitalResolve, Earthlink (ELNK), eBay/PayPal (EBAY), Entrust (ENTU), Experian, eEye Digital Security, F-Secure, GeoTrust, GoDaddy, ING Bank, Iconix, InternetIndentity, Internet Security Systems, IOvation, IS3, Kaspersky Labs, Lenos Software, LightSpeed Systems, MailFrontier, MarkMonitor, McAfee (MFE), MasterCard, MessageLevel, Microsoft (MSFT), Mirapoint, MX Logic, NameProtect, Netcraft, NetStar, PassMark, Panda Software, Phoenix Technologies, Inc. (PTEC), Quova, RSA Security (RSAS), SAIC, SecureBrain, Sigaba, SOPHOS, SquareTrade, SurfControl, Symantec (SYMC), The 41st Parameter, Trek Blue, Trend Micro (TMIC), Tricerion, TriCipher, Tumbleweed Communications (TMWD), SurfControl (SRF.L), Vasco (VDSI), VeriSign (VRSN), Visa, Websense, Inc. (WBSN), WholeSecurity and ZixCorp.

Source: Business Wire

More News in this Category