Malware And The Opportunistic Holiday Season Bonanza

‘Tis The Season To Be Careful

Malware Vulnerabilities

Earlier this year, Menlo Security published a report suggesting that one-third of the top million global websites were vulnerable to malware, and one in five sites were running software with known vulnerabilities. 5% of the sites measured were identified as serving spam or malware or were part of a botnet. With a billion websites already running, and an additional 100,000 coming online daily, 2014 saw over $70 billion spent on cyber security tools. Malware, however, continues to be a dominant threat.

Black Friday

Shoppers are being warned of a new Malware threat, ModPOS, discovered by ISight Partners, enabling point-of-sale malware code to collect credit card details as customers scan their cards.

And with news of the data breach at Hilton Worldwide spreading, analysts are expecting an increase in POS attacks against retailers, just as Black Friday launched the shopping season. Mark Bower, global product management director for HPE Security, says, “Point of sale systems – what consumers often call the checkout system – are often the weak link in the chain. A checkout terminal in constant use is usually less frequently patched and updated, and is thus vulnerable to all manner of malware compromising the system to gain access to cardholder data.” With this holiday shopping season being the first after the EMV liability shift has taken effect, merchant or card issuers who haven’t implemented EMV Chip-and-PIN technology will be held accountable.

Cyber Threat Monday

In Singapore, mobile banking clients have been warned of malware risks on Android phones that attempt to hijack online passwords and one-time security codes. It appears that these malware injections pose as Android software updates or service updates for messaging app WhatsApp. The fake Android update is spread through direct link downloads and exhibits clicker behavior, constantly visiting hard coded URLs without user consent. More dangerous, this malware collects device information such as email accounts, phone numbers, and similarly sensitive information, and after requesting super user access becomes incredibly difficult to remove. The ‘WhatsApp’ Instance of the malware appears as a pop-up insisting users download the new version or risk losing access to the service. Once users install the software, sensitive information is scammed from users. Mobile users are being warned not to click on strange links or accept unknown downloads, and an antivirus app is as necessary for mobile phones as laptops, desktops, and tablets.

Conficker

Yet another threat to beware of, Conficker was the most commonly used malware to attack organizations in October, accounting for 20% of all global attacks. This worm, first appearing in 2008, is able to spread across networks and brute force passwords, and its return has seen dangerous infections such as that of police body cameras. Security vendor Check Point reveals that three malware families, Conficker, Sality, and Cutwail, accounted for 40% of all recorded attacks, showing a trend toward gaining control of PCs and turning them into DDoS and spamming botnets. Neutrino Exploit Kit, associated with ransomware scams, is the fourth most common malware detected in October globally and attacks computers using Java.

As ransomware and data-stealing malware attacks rise, consumers and holiday makers would be wise to beware of threats both physical and online; Icy roads and crazed shoppers aren’t the only challenges we face this festive season.

By Jennifer Klostermann

Growing Up.png
David Fletcher Blown Image
Answer To Everything.png
Data Fallout.png
James Corbishly
Teams Sprawl in the Remote Workspace As working from home has become the new everyday norm, with more employers embracing the remote-work model as a new and likely permanent fixture of the employment world, there ...
The all-new Stellar Repair for MS SQL – an Efficient Tool to Fix SQL Database Corruption
Efficient Tool to Fix SQL Database Corruption SQL database corruption is not uncommon. There are many reasons for SQL database corruption, such as virus infection, bugs in the SQL Server, errors during updates, abrupt system ...
Gilad David Maayan
What Is SSPM? SaaS Security Posture Management (SSPM) is a set of security tools that an organization’s security team can use to gain visibility and manage security for their Software as a Service (SaaS) applications ...
Louis
Why Services CPQ Is Too Slow Today When PS organizations compete in sales cycles, the first competitor to have a complete quote with accurate pricing, schedules, and an engagement plan will often win. However, getting ...
Gary Bernstein
Defining Cloud Security Audit When you're looking for cloud security, it's important to know what a cloud security audit is. Simply put, a cloud security audit is the examination of cloud systems and services in ...