• United States



Researchers: Attacks getting faster, wider

Jan 24, 20113 mins
BotnetsCloud SecurityCybercrime

With the attacker focusing on social media and online services, expect far-reaching flash attacks.

Just as computing power rushes to the cloud and users’ attention shifts from PCs to their mobile devices and social networks — so does the focus of the bad guys.

Consider the Bohu Trojan recently spotted in China by Microsoft security researchers Jingli Li and Zhitao Zhou. This Trojan blocks connections to cloud anti-virus applications from customers’ Windows systems, and has been active against common anti-virus vendors in that country, according to a Microsoft blog post.

“Hackers will try to exploit peoples’ attention no matter where it resides,” say Rafal Los, security evangelist at HP.

Makes sense that attackers will go were users — and money — reside. Consider the most recent rendition of the Zeus Trojan that is aiming squarely at payment services and relatively obscure financial exchanges. According to Israeli security firm Trusteer, these botnet owners are targeting providers such as Money Bookers, Web Money, Nochex, Netspend, and E-Gold. “We believe that customers of all sites where purchases are involved need to protect their PC or access terminal, using secure browsing services and solutions that specialize in protecting online payments and online banking,” wrote Amit Klein in the company’s blog. “Retailers and payment providers, meanwhile, need to assess the risk associated with their customers’ endpoint devices.”

That’s certainly a valid point, considering how persistently attackers are targeting social networks and the applications emerging around them. Late last week, Twitter was hit with an attack where user accounts were hijacked and started distributing links for bogus anti-virus software. The links to the rogue anti-virus applications were obfuscated by Google’s URL shortener, according to antivirus firm Kaspersky Lab.

“Bear in mind that clicking on random links may lead to severe infection of your machine,” Kaspersky Lab’s Nicolas Brulez wrote in a description of the attack.

That’s good advice, but realistically it is unlikely to be heeded. Just as the same guidance fell on deaf ears when it came to traditional e-mail links and attachments. And, experts agree, odds are people won’t listen when it comes to mobile devices, cloud computing, or any other widely used way to access and manage information and transactions.

In fact, with more users turning to social networks and with more than one billion broadband devices expected to be online by 2016 the wave of attacks to come are going to move much more swiftly and impact greater numbers of victims in much shorter periods of time. “Social media has an amplified impact because there are these tight networks of people with implied trust,” says Los. “Expect more swift moving attacks that affect a large number of people in very short periods of time,” says Los.