Examining the patterns taken from data collected in the aftermath of more than 140 million blocked infection attempts, security vendor Trend Micro says that targeted attacks against individuals and organizations are on the rise.
According to the data, focused attacks against SMBs – as apparent from the types of attempts blocked by Trend Micro – increased 27% in Q2 2012 when compared to last quarter’s figures. Trend Micro’s report also outlines increasingly sophisticated attacks against individuals in the form of ATS (Automatic Transfer System) attacks. Large organizations weren’t exempt either.
The IXESHE attack campaign, which has existing since at least July 2009, showed cybercriminals stepping up their tactics to gain access to large multinational corporations without notice. Trend found that IXESHE has been targeting East Asian governments, electronics manufacturers, and telecommunications companies, and has used compromised servers housed inside targeted organizations as command-and-control (C&C) servers.
In late May, Tom Kellermann, vice president of cybersecurity at Trend Micro, told SecurityWeek that the technique of using compromised servers as C&C servers is being adopted by elite hacker crews, and he rated the sophistication of the IXESHE campaign as a 9.3 out of 10.
Other data from Trend’s Q2 report includes the rise of malicious Android applications in Q2 2012, marking a 300% increase when compared to last quarter. Moreover, ransomware attacks are making a comeback, but the mainstays (Blackhole Exploit Kit) are still proven methods of victimization for cybercriminals.
“Cybercriminals are cherry-picking their targets to launch more successful campaigns,” the report notes. “Based on Trend Micro observations this quarter, cybercriminals are poised to become more aggressive, using more sophisticated tools like automatic transfer systems (ATSs) and the Blackhole Exploit Kit to enhance the power of their respective ZeuS, SpyEye, and other botnets.”
The report also makes note of how Pinterest has become the social media platform of choice among criminals in Q2 2012; and examines the top 5 social engineering lures being used across all social networking sites, including Diablo 3, Instagram Android, Angry Birds Space, the London 2012 Olympics, and Tibet.
Trend’s Q2 2012 report is available here.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
