New PC viruses target banks, social networks
Infected PCs are seized into a botnet, a network of hijacked computers.
Helsinki: Cyber criminals are increasingly focusing their attacks on the hundreds of millions of users of social networks and on loopholes in bank security systems, security software vendors said on Wednesday.
At the same time, spam e-mail messages rose sharply in the third quarter, Symantec Corp said. And as Facebook reached 300 million accounts in September, social networks and social media continued to attract criminals, smaller research firm F-Secure said in its quarterly virus report.
"As Twitter has grown in popularity, it has been increasingly targeted by worms, spam and account hijacking," F-Secure said.
Cyber criminals choose targets that are widely used, allowing them to go after the largest number of potential victims. "Cyber criminals continue to follow the money," said Yuval Ben-Itzhak, technology chief at a small security software vendor Finjan, who on Wednesday revealed a new method criminals use to steal money from bank accounts and hide their tracks.
Finjan said it expects a growing trend of using new software that forges on-screen bank statements, concealing the true transaction amount to dupe account holders and their banks, and then sends the stolen money to money mules accounts.
"With the combination of using sophisticated Trojans for the theft and money mules to transfer stolen money to their accounts, they minimize their chances of being detected," Ben-Itzhak said.
Spam, spam and spam
The amount of spam in all e-mail traffic rose to 88.1 per cent in the third quarter from 81 per cent a year ago, said Symantec's MessageLabs.
MessageLabs said botnets are now responsible for sending 87.9 per cent of all spam. Hackers take advantage of the PC vulnerability by booby- trapping websites with a malicious code that loads onto computers.
Infected PCs are commandeered into a botnet, a network of hijacked computers. They are used for identity theft, spamming and other cyber crimes.
"Over the past year, we have seen a number of ISP's (Internet service providers) taken offline for hosting botnet activity resulting in a case of sink or swim and an ensuing shift in botnet power," MessageLabs analyst Paul Wood said in a statement.
"However, this won't always be the case as botnet technology has also evolved since the end of 2008 and the most recent ISP closures now have less of an impact on resulting activity as downtime now only lasts a few hours rather than weeks or months as before," Wood said.