Cybercrime grows as ‘attack toolkits’ gain popularity


20 Apr 2010

As Symantec releases its Internet Security Threat Report Volume XV today, it has found that while global trends in cybercrime point to the increased sophistication of attacks, it seems as though the volume of malware, spam, phishing attempts and targeted threats is growing at a steady pace.

“The same tactics and techniques are being used but the sheer volume we’re seeing is what has changed. Cybercriminals are sticking to what they know best and also what seems to be effective in order to infect internet users,” says Dublin-based Orla Cox, chief researcher, Symantec Security Response.

In particular, the act of social engineering attacks aimed at luring the user to websites containing malicious code is gaining in popularity, while web-based attacks targeted at PDF viewers accounted for 49pc of observed web-based attacks throughout 2009 – an 11pc increase on 2008.

“Attackers will try to redirect users to a site which will host a PDF and exploit a vulnerability in the PDF reader to drop the malware onto the machine,” explains Cox.

“Adobe has upped it game in the last while in relation to security and patching – now they have quarterly releases of patches similar to Microsoft’s Patch Tuesday model – a controlled patching cycle to make it a bit more controlled and organised.”

About ‘attack toolkits’

Another worrying trend is that of ‘attack toolkits’: what these means is that cybercrime is not confined to the tech savvy, as potential cybercriminals with modest technical know-how can literally purchase a toolkit online to do the job for them.

“There is basically a proper market model out there: a while economy building up around this where the guys that know what they’re doing are creating the kits.

“Then you have your wannabe criminals going online and buying these, only needing some basic technical knowledge. If you look at Zeus (Trojan horse that steals banking information through keylogging) alone, there were 90,000 unique samples of it in the past year.

“You can see the scale of what we’re trying to deal with but of course some of those would already be detected by antivirus software.

The Zeus kit can be purchased for as low as US$700, but Cox points out that many of these toolkits can be downloaded for free on underground websites, however, they are often out of date and therefore antivirus software will pick up on them.

The Symantec report also found that the lowering of barriers for amateur attackers to enter cybercrime is evident in the increase in malicious code that steals confidential information: the percentage of threats to confidential information that incorporate remote access capabilities increased to 98pc in 2009 from 83pc in 2008.

One reason, says Symantec, for the popularity of this mode of attack is the increasing number of people using online banking.

By Marie Boran

Photo: Potential cybercriminals with modest technical know-how have been able to purchase a toolkit online to do the job for them