Let us first answer the main question. Who benefits from it? Why have computers, networks, and mobile phones become carriers of not only useful information, but also a “habitat” for different malicious programs? It is not difficult to answer this question. All (or almost all) inventions, mass use technologies have, sooner or later, become a tool of hooligans, swindlers, blackmailers and other criminals. As soon as there is an opportunity to misuse something, somebody will definitely find new technologies and use them in a way that was not intended by the inventors, but in an altogether different way – for their own interests or to assert themselves to the detriment of others. Unfortunately, computers, mobile phones, computer and mobile networks have not escaped this fate. As soon as these technologies started being used by the masses, the bad guys stepped in. However, the criminalization of these innovations was a gradual process.
- Computer vandalism
- Petty theft
- “Grey” business
- Computer vandalism
In the past the majority of viruses and Trojans were created by students who had just mastered a programming language and wanted to try it out, but failed to find a better platform for their skills. Up to present time writers such viruses were seeking only one thing – to raise self-esteem. Fortunately, a large part of such viruses have not been distributed (by their authors) and shortly viruses “died away” together with the storage disks or authors of viruses sent them only to anti-virus companies with a note that the virus would not be further transferred.
The second group viruses-writers also includes young people (often – students), who have not yet fully mastered the art of programming. Inferiority complex is the only reason prompting them to write viruses, which is compensated by computer hooliganism. Such “craftsmen” often produce primitive viruses with numerous mistakes (the so-called “student viruses”). Life of such virus-writers has become much simpler with the development of Internet and emergence of numerous websites training how to write a computer virus. Web-resources of this kind give detailed recommendations on how to intrude into the system, conceal from anti-virus programs and offer ways of further distribution of a virus. Often ready original texts are provided, which require only minimal “author” changes and compilation as recommended.
When older and more experienced, many virus-writers fall into the third and most dangerous group, creating professional viruses and lets them out to the world. These elaborate and smoothly running programs are created by professionals, not infrequently very talented programmers. These viruses often intrude into data system domains in very unusual ways, use mistakes of security systems of operating environments’, social engineering and other tricks.
In Q1 2018, we observed a significant increase in both the total number and duration of DDoS attacks against Q4 2017. The new Linux-based botnets Darkai (a Mirai clone) and AESDDoS are largely responsible for this hike. Read Full Article
In March 2018, Japanese media reported the hijacking of DNS settings on routers located in Japan, redirecting users to malicious IP addresses. The redirection led to the installation of Trojanized applications named facebook.apk and chrome.apk that contained Android Trojan-Banker. During our research we received some invaluable information about the true scale of this attack, we decided to call it ‘Roaming Mantis’. Read Full Article
Q4 2017 represented something of a lull: both the number and duration of DDoS attacks were down against the previous quarter. At the same time, the increase in the number of attacks on honeypot traps in the runup to holiday sales indicates that cybercriminals are keen to expand their botnets at the most opportune moment by pressuring owners of online resources and preventing them from making a profit. Read Full Article
According to KSN data, Kaspersky Lab solutions detected and repelled 277,646,376 malicious attacks from online resources located in 185 countries all over the world. Read Full Article
Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article
In the third quarter of 2017, we registered a considerable increase in the number of both DDoS attacks and their targets. Traditionally, China is the country with the largest number of attack sources and targets. It was followed by the United States and South Korea. The popularity of Windows OS as a basis for creating a botnet has fallen noticeably, while the share of Linux-based botnets increased proportionally. Read Full Article
A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. Read Full Article
The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry. Read Full Article
According to KSN data, Kaspersky Lab solutions detected and repelled 342, 566, 061 malicious attacks from online resources located in 191 countries all over the world. Read Full Article
The second quarter quite clearly showed that the DDoS-attack threat is perceived rather seriously. Some companies were prepared to pay cybercriminals literally after their first demand without waiting for the attack itself. This set off a whole new wave of fraud involving money extortion under threat of a DDoS attack, also known as “ransom DDoS”. Read Full Article