Banking, Mobile Malware Rose to Record Levels in Q3 2013

Enid Burns for redOrbit.com – Your Universe Online

During the past quarter the Internet reached the highest infection rate since 2002 in terms of the volume of malware infections, according to the TrendLabs 3Q security report titled “The Invisible Web Unmasked” from internet security firm Trend Micro. Report highlights were offered on the TrendLabs Security Intelligence Blog.

Cyber-criminals made large withdrawals during the third quarter, though authorities closed a number of accounts. Following the Q2 takedown of the Liberty Reserve, cyber-criminals crawled the web for alternative currencies. Some resorted to Bitcoins, with one of the larger takedowns of this past quarter being Silk Road, which used the Deep Web to hide from authorities.

Law enforcement agencies had another big score in the third quarter, when the alleged Blackhole Exploit Kit author Paunch was arrested in early October. The Blackhole Exploit Kit used a Java vulnerability as a vector to compromise computers.

Paunch was not the only cybercriminal to use the Java vulnerability exploit. It was also one of the methods used in the Neutrino Exploit Kit. One reason Java is vulnerable is that its developer, Oracle, has stopped supporting Java 6, meaning users of Java 6 no longer receive updates. Users of older versions are also left vulnerable as they are not getting security fixes from the Oracle updates.

Banking is one area that has been hit hard by Trojans and other malicious software and the Trend Micro report observed a surge in online banking malware. While infections used to have higher concentrations in regions such as Europe and the Americas, that is no longer the case. Banking malware is now spread worldwide, and infection counts have exceeded 200,000 making Q3 2013 the highest infection rate since 2002.

“As consumers gravitate to the convenience of online banking, criminals are developing tools at an exceedingly rapid pace to exploit a general lack of awareness,” said JD Sherry, vice president of technology and solutions at Trend Micro, in a corporate statement.

Apple is one tech company that is increasingly under threat of malicious software. Users of the Apple platform saw a spike in May for phishing page volume when it reached 5,800. A lower spike was reached in July with 4,100 and in September Trend Micro tracked a volume of 2,500 phishing pages.

“Apple has been traditionally perceived as a safe-haven against threats, but our findings reveal that personal information can be jeopardized as phishing scams that target the platform continue to gain momentum. The evidence suggests a potential perfect storm looming in the holiday season as busy commercial and consumer users leverage mobile platforms,” said Sherry.

Mobile malware is another growing concern with mobile malware threats exceeding one million in September. “Among these, 80 percent were malicious in nature, topped by premium service abusers. Premium service abusers are known to send unauthorized text messages to certain numbers and often register users to premium-rate services. This type of malicious app is especially popular in Russia, most likely due to the country’s lack of ‘standard’ app stores,” the report said.

At least one cyber-criminal used the so-called “master key” vulnerability to gain access to mobile phone handsets. In one instance, an attacker used the master key vulnerability to update a legitimate app with a malicious version. That raises alarm, as even careful mobile users can be attacked if cyber-criminals gain access at the app store level.