Web threats

In 2015, virus writers demonstrated a particular interest in exploits for Adobe Flash Player. The proportion of relatively simple programs used in mass attacks was growing. Attackers have mastered non-Windows platforms – Android and Linux: almost all types of malicious programs are created and used for these platforms.

In the third quarter of 2015 botnet-assisted DDoS attacks targeted victims in 79 countries around the world; 91.6% of targeted resources were located in 10 countries. The largest numbers of DDoS attacks targeted victims in China, the US and South Korea. The longest DDoS attack in Q3 2015 lasted for 320 hours.

In the third quarter of 2015 Kaspersky Lab solutions detected and repelled a total of 235,415,870 malicious attacks from online resources located all over the world. There were 5,686,755 registered notifications about attempted malware infections that aim to steal money via online access to bank accounts.

In Q2 2015, botnet-assisted DDoS attacks targeted victims in 79 countries. 77% of botnet-assisted attacks targeted resources located in 10 countries. The largest numbers of DDoS attacks targeted victims in China and the USA. Cybercriminals continue to exhibit a growing persistence: DDoS attacks lasting up to 8.5 days were observed.

Intelligence services are not giving any clues how they identify cybercriminals who act anonymously. This may mean that the implementation of the Tor Darknet contains some vulnerabilities and/or configuration defects that make it possible to unmask any Tor user. In this research, we will present practical examples to demonstrate how Tor users may lose their anonymity.

One popular DDoS scenario is a botnet-assisted attack. In Q1 2015, 23,095 botnet-assisted DDoS attacks were reported. These statistics refer to those botnets which were detected and analyzed by Kaspersky Lab.

Kaspersky Lab was involved in botnet takedown operation. Preliminary analysis of some of the sinkholed server logs revealed a list of 190 countries affected by the Simda botnet.

A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed – alas, not for the better.

Kaspersky Lab products detected and neutralized a total of 1,325,106,041 threats in the third quarter of 2014. Our solutions blocked 696,977 attacks that attempted to launch malware capable of stealing money from online banking accounts.

In a series of online attacks targeting flaws on network devices and involving malicious DNS servers, fake documents, browser code injections, malicious browser extensions and a lot of creativity, the crooks have successfully stolen vast amounts of money.

‘Malvertising’ is a relatively new term for a technique used to distribute malware via advertising networks, which have long since become a popular medium among cybercriminals.

The biggest security news of the week is the leaked photos of many celebrities. Many people, especially the involved celebrities, wondered how such a hack could take place.

Anyone using the Internet is at risk, regardless of age and regardless of what they like to do online. Cybercriminals can deploy an impressive arsenal and use it to get access to our money, our personal data and the resources of our computer systems.

Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014. 927,568 computers running Kaspersky Lab products were attacked by banking malware. 65,118 new malicious mobile programs were detected. 2033 mobile banking Trojans were detected in this period, 1.7 times more than last quarter.

A couple weeks ago, my colleague Mikhail K posted on the analysis of several bots, including a bot implementing some extraordinary DNS amplification DDoS functionality. Let’s explore some additional offensive details of this crew’s activity, and details of the overall situation, in the past week.