Trend Micro’s roundup identifies cyber-criminals’ methods for executing attacks

Trend Micro Cyber-criminals continuously discover more ways to successfully target new outlets for financial theft as revealed in Trend Micro’s first quarter security roundup for 2014, Cybercrime Hits the Unexpected.

Greed is motivating cyber-criminals to take a non-traditional approach in the selection of unlikely targets, such as advanced threats to Point-of-Sale (PoS) terminals and the exploitation of disasters. Though well protected, these new targets are in the cross-hairs of emboldened cyber-criminals around the world.

Trend Micro researchers also found that online banking malware continued to thrive with the emergence and modification of new malware families, each with different targets and varying anti-detection techniques. And continuing to grow for the past five years is the number of mobile malware and high-risk apps, which has hit 2 million since the introduction of the Android platform.

“This year’s first quarterly report sheds light into the cyber underground where creative cyber-criminals continue to find new opportunities to commit their crimes,” said Raimund Genes, Trend Micro’s CTO. “To remain protected against these ever-evolving cyber threats, users must be diligent in using best practices when surfing the Web, especially when conducting online financial transactions.”

Key first quarter findings include:

  • Mobile threats: The mobile threat landscape continues to grow at an even faster pace than last year, as the total number of mobile malware and high-risk apps grew to 2 million this quarter. The explosion of repackaged apps — those that have been maliciously tampered with to pass Android’s’ security features — also contributed to the huge spike in mobile malware and high-risk app volume growth.
  • Cyber-crime and the cyber-criminal underground: This quarter’s online banking malware volume significantly dropped from the end of 2013. This year’s first quarter number did not differ much from the same timeframe one year ago, and the high numbers at the close of last year could be attributed to the holiday season when cyber-criminals pursue online shoppers.
  • Targeted attack campaigns and cyber attacks: Reports of PoS system infiltration in the United States, particularly in retail and hospitality, as well as insider threats targeting South Korean credit card companies highlighted the need for customized defense strategies.
  • Digital life and the “Internet of Everything”: A new-generation of exploits took the app ecosystem by storm this quarter. These apps cater to users’ desire to anonymously share content, send off-the-record messages, and share media. Along with observing more social engineering scams, several devices in the Internet of Everything (IoE) market were scrutinized, as security researchers exposed gaping vulnerabilities.

“Organizations continued to struggle with attacks that were targeted in nature, which could be directly aimed at the energy, financial, healthcare, and retail industries or critical infrastructure,” said JD Sherry, vice president of technology and solutions for Trend Micro. “It came down to a simple equation — high-value targets that promised massive payouts were compromised despite the determined efforts of organizations to protect their valuable information.”

For the complete report, please visit: http://about-threats.trendmicro.com/us/security-roundup/2014/1Q/cybercrime-hits-the-unexpected