E-Crime up six-fold with web-based attacks

Cyber-criminals are shifting from using e-mail to using web pages as their main route to compromising computers, according to security software supplier Sophos.


Sophos is trapping almost 30,000 new malicious web pages a day in its honeypots, a six-fold rise in six months, said Sophos's senior technology consultant, Graham Cluley.

Speaking at the launch of Sophos's half-yearly e-crime report, Cluley said the rise is a sign of the growing industrialisation of computer crime.

"The attacks are also getting sneakier," he said. "Once attackers wanted the bragging rights, now they want to stay hidden for as long as possible."

Cluley said most attacks were designed to harvest personal and company data, and to create botnets that attackers could rent out for spamming, denial of service, and other forms of compromise.

"We are also seeing women being stalked online and more politically motivated attacks, such as the recent incidents of Russia and Estonia, and India and Pakistan," Cluley said.

The main threats came from China and the US, but Cluley said they had traced one attack that used a "Sexy pix of Britney" spam attack in the UK that led to a website via a compromised server in New York state. This led to Beijing and Rostov, where it picked up a Trojan horse for collecting bank account details, before ending up in Rio de Janeiro.

"But that is not necessarily where it ended; it is just that the trail ran dead in Brazil," Cluley said.

Cluley said Apache servers were compromised in 51% of attacks, with Microsoft servers involved in 43%.

Top web-based threats of 2007

The top-ten list of web-based malware hosted on infected sites during the first six months of 2007 reads as follows:

1. Mal/Iframe 49.2%

2. Troj/Fujif 7.9%

3. JS/EncIFra 7.3%

4. Troj/Psyme 8.3%

5. Troj/Decdec 6.9%

6. Troj/Ifradv 4.1%

7. Mal/ObfJS 2.5%

8. Mal/Packer 1.5%

9. VBS/Redlof 1.1%

10. Mal/FunDF 0.9%

Other 10.3%

Source: Sophos
