Web threats

Kaspersky Lab was involved in botnet takedown operation. Preliminary analysis of some of the sinkholed server logs revealed a list of 190 countries affected by the Simda botnet.

A long time has passed since we published our analysis of threats for home network devices. Since then, the situation has significantly changed – alas, not for the better.

Kaspersky Lab products detected and neutralized a total of 1,325,106,041 threats in the third quarter of 2014. Our solutions blocked 696,977 attacks that attempted to launch malware capable of stealing money from online banking accounts.

In a series of online attacks targeting flaws on network devices and involving malicious DNS servers, fake documents, browser code injections, malicious browser extensions and a lot of creativity, the crooks have successfully stolen vast amounts of money.

‘Malvertising’ is a relatively new term for a technique used to distribute malware via advertising networks, which have long since become a popular medium among cybercriminals.

The biggest security news of the week is the leaked photos of many celebrities. Many people, especially the involved celebrities, wondered how such a hack could take place.

Anyone using the Internet is at risk, regardless of age and regardless of what they like to do online. Cybercriminals can deploy an impressive arsenal and use it to get access to our money, our personal data and the resources of our computer systems.

Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014. 927,568 computers running Kaspersky Lab products were attacked by banking malware. 65,118 new malicious mobile programs were detected. 2033 mobile banking Trojans were detected in this period, 1.7 times more than last quarter.

A couple weeks ago, my colleague Mikhail K posted on the analysis of several bots, including a bot implementing some extraordinary DNS amplification DDoS functionality. Let’s explore some additional offensive details of this crew’s activity, and details of the overall situation, in the past week.

The most popular uses of cloud services include: storing image scans of passports and other personal documents; synchronization of password, contact list, and email/message databases; creating sites; storing versions of source codes, etc.

In 2013 phishing sites imitating social network websites were to blame for more than 35% of cases when the Anti-phishing heuristic component was triggered.

In this first part we’ll look at some very professional phishing and malware attacks that use digitally-signed malware, a breached customer database used for online ticket sales, SSL-certified phishing domains and a lot of social engineering.

In the past year, many users have been forced to deal with BitGuard, a system designed to change home pages and search engine results.

During the course of the last nine months in particular that trust in the Internet has been eroded and replaced with suspicion. How do we fix this?

Over the last few months I have been closely monitoring so-called Darknet resources, mostly the Tor network, and the cybercriminal element is growing.