Malware Soars As Traditional Phishing Falters

Cyber-thugs focus on malware as industry fights back

Malware incidents rose by 89 percent in the last three months, while phishing saw a drop of 8 percent over the period, according to a report.

The period also saw an increasing number of large-scale domain hijackings, DNS exploits and other breaches of global targets, causing substantial downtime for companies’ online enterprises. “Zeus malware infection is also an on-going threat, especially with the reemergence of the Avalanche group and their fast flux hosting tactic,” said internet security company Internet Identity (IID) in its third-quarter eCrime Trends Report.

The reappearance of Avalanche is not a surprise and it is apparent that they are now providing their massive botnet as an infrastructure for hire, according to Rod Rasmussen, IID President and CTO. “Cybercriminals are always trying to adapt to the latest security methods and threat awareness, and as an industry we must stay one step ahead of these increasingly sophisticated cyber gangs,” he said in a statement.

Major players fight back

Facebook, Google and Microsoft are some of the global players who fought back hard against cyber-thugs this quarter. After the .tk top-level domain showed a 600 percent rise in phishing, Facebook joined the .tk registry, IID, and the Anti-Phishing Alliance of China (APAC) to secure the top-level domain and reduce phishing from that domain by 40 percent. Google de-indexed the entire second-level domain co.cc, a hive of fraudulent activity, blocking 11 million co.cc websites from appearing in its search engine results, while Microsoft took down the Kelihos botnet, a network of 41,000 private computers infected with malicious software capable of sending billions of spam emails per day.

Traditional phishing attacks occur when online fraudsters try to access personal data such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an online exchange, while malware is malicious software installed onto a computer, which enables cybercriminals to access and use that computer for criminal purposes.

The IID report was compiled using data from security and Internet infrastructure organisations including IID, ICANN (Internet Corporation for Assigned Names and Numbers) and APWG (Anti-Phishing Working Group).