" blackhat seo "

Top 10 Internet Security Threats and Trends for 2011

–      “Hacktivism” and cyber war: making the headlines in 2011

–      The growth rate of new malware is set to slow down

–      Social engineering and the use of social media to spread encrypted malware

–      More malware for Mac and for 64-bit systems, as well as zero-day exploits

Global IT vendor Panda Security has forecast that there will be few radical innovations in cyber-crime during 2011. “Hacktivism” and cyber-war; more profit-oriented malware, social media, social engineering and malicious codes with the ability to adapt to avoid detection will be the main protagonists in 2011. There will also be an increase in the threats to Mac users, new efforts to attack 64-bit systems and new zero-day exploits.

Luis Corrons, Technical Director of PandaLabs explains: “Once again we have dusted off the crystal ball and this is a summary of what we reckon will be the ten major security trends during 2011”:

  1. Malware creation. Panda has seen a significant growth in the amount of malware in 2010, a constant theme over the last few years. This year, more than 20 million new strains have been created, more than in 2009. At present, Panda’s Collective Intelligence database stores a total of over 60 million classified threats. The actual rate of growth year-on-year however, appears to have peaked: some years ago it was over 100%. In 2010 it was 50%. We will have to wait and see what happens in 2011.
  2. Cyber war. Stuxnet and the Wikileaks cables suggesting the involvement of the Chinese government in the cyber-attacks on Google and other targets have marked a turning point in the history of these conflicts. In cyber-wars, as with other real-world conflicts today, there are no ranks of uniformed troops making it easy to distinguish between one side and another. This is like guerrilla warfare, where it is impossible to discern who is launching the attack or from where. The only thing it is possible to ascertain is the objective. Attacks such as these, albeit more or less sophisticated, are still ongoing, and will no doubt increase during 2011, although many of them will go unnoticed by the general public.
  3. Cyber-protests. Undoubtedly the major new issue in 2010. Cyber-protests, or hacktivism, are all the rage. This new movement was initiated by the Anonymous group and Operation Payback, targeting firstly organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of Wikileaks. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns. Despite hasty attempts in many countries to pass legislation to counter this type of activity, effectively by criminalizing it, we believe that in 2011 there will be yet more cyber-protests, organized by this group or others that will begin to emerge.
  4. Social engineering. Panda has seen the continued use of social engineering to infect unwary users. In particular, cyber-criminals have found social media sites to be their perfect working environment, as users are even more trusting than with other types of tools, such as email. Throughout 2010 Panda has witnessed various attacks that have used the two most popular social networks – Facebook and Twitter- as a launch pad. In 2011 we fully expect that not only will hackers continue to use these media, but that they will also be used more for distributed attacks. Moreover, BlackHat SEO attacks (indexing and positioning of fake websites in search engines) will also be widely employed throughout 2011, as always, taking advantage of hot topics to reach as many users as possible.
  5. Windows 7 influencing malware development. As we mentioned last year, it will take at least two years before we start to see the proliferation of threats designed specifically for Windows 7. In 2010 we have begun to see a shift in this direction, and we imagine that in 2011 we will continue to see new cases of malware targeting users of this new operating system.
  6. Cell phones. The eternal question: When will malware for cell phones really take off? It would seem that in 2011 there will be new attacks, but still not on a massive scale. Most of the existing threats target devices with Symbian, an operating system which is now on the wane. Of the emerging systems, Panda predicts that the number of threats for Android will increase considerably throughout the year, becoming the number one target for cyber-crooks.
  7. Tablets? The overwhelming dominance of iPad in this terrain will start to be challenged by new competitors entering the market. Nevertheless, save the odd proof-of-concept or experimental attack, we don’t believe that tablet PCs will become a major consideration for the criminal fraternity in 2007.
  8. Mac. Malware for Mac exists, and will continue to exist. And as the market share continues to grow, so the number of threats will grow accordingly. The biggest concern is the number of security holes affecting the Apple operating system. Let’s hope they get ‘patching’ as soon as possible, as hackers are well aware of the possibilities that such vulnerabilities offer for propagating malware.
  9. HTML5. What could come to replace Flash, HTML5, is the perfect target for many types of criminals. The fact it can be run by browsers without any plug-ins makes it even more attractive to find a security hole that can be exploited to attack users regardless of which browser they use. We will see the first attacks in the coming months.
  10. Highly dynamic and encrypted threats. This is something we have already seen over the last two years, and we fully expect this to increase in 2011. There is nothing new about profit-motivated malware, the use of social engineering or silent threats designed to operate without victims realizing. Yet in our anti-malware laboratory we are receiving more and more encrypted, stealth threats designed to connect to a server and update themselves before security companies can detect them. There are also more threats that target specific users, particularly companies, as information stolen from businesses will fetch a higher price on the black market.

“The overall picture is not improving” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “It is true that in 2010 we have seen several major arrests that have hit hard in the world of cyber-crime. Yet this is sadly insufficient when we consider the scale of what we are fighting against. Profits from this black market amount to thousands of millions of dollars, and many criminals operate with impunity thanks to the anonymity of the Internet and numerous legal loopholes”, he concludes.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow us on Twitter: PandaSecurityZA and Facebook: Panda Security South Africa

Twitter targeted by hackers this Christmas

–      Numerous Twitter accounts have been created to spread malicious code through festive messages

–      Every year threats are spread via email and social media using Christmas-themed messages

According to Panda Security, cyber-criminals are exploiting Twitter to spread malware in festive-themed messages. Using methods akin to Black Hat SEO techniques, hackers are taking advantage of trending topics to position malware distribution campaigns. Topics such as “Advent calendar”, “Hanukkah” or even “Grinch”, are among the most popular subjects used by hackers to entice users.

Thousands of tweets have been launched using festive-themed phrases, such as “Nobody cares about Hanukkah” or “Shocking video of the Grinch”, along with short URLs pointing to malicious websites.

Users that click the link will be taken to a page that infects systems with false codecs by exploiting a security hole in PDF files and tries to trick users into downloading a codec that is really a downloader Trojan, which in turn downloads more malware onto the compromised computer.

In addition to subjects related to Christmas, cyber-criminals are using other hot topics to spread their creations, including the Sundance festival, the AIDS campaign and the Carling Cup.

According to Jeremy Matthews, head of Panda’s sub-Saharan operations, “Social networks like Facebook and Twitter are becoming increasingly popular with hackers because of their ever-increasing number of users, and the ease at which they (the hackers) can post malicious links. That’s why the number of clicks, and therefore infections, tends to be very high.”

Keep your computer safe this Christmas

With the increased risk over the Christmas period, Panda offers users a series of practical security tips for using social media:

1) Don’t click suspicious links from non-trusted sources. This should apply to messages received through Twitter, through other social networks and even via email.

2) If you click on the links, check the target page. If you don’t recognize it, close your browser.

3) Even if you don’t see anything strange in the target page, but you are asked to download something, don’t accept.

4) If you do download or install an executable file and the PC starts to launch messages or behaves strangely, there is probably malware on your computer. In this case, you should check your computer with a free online scanner such as ActiveScan, available at: www.activescan.com

5) As a general rule, make sure your computer is well protected to ensure that you are not exposed to the risk of infection from any malicious code. You can protect yourself with the new, free Panda Cloud Antivirus solution (www.cloudantivirus.com).

“It is important to remember that hackers will take advantage of any big holiday or event, which is why it is important to remain extra vigilant during these times”, concludes Matthews.

For more information about Panda, visit http://www.pandasecurity.com/.

Trick or treat? Halloween can end up really damaging your PC

  • Computer pranks with applications that simulate a Trojan infection are invading the Web
  • “Paranormal Activity 2” and “Friday the 13th” used in BlackHat SEO attacks to download malware

As Halloween approaches, applications, fake websites, spam and Trojans all put on disguises to try to trick users. Global IT vendor Panda Security has been detecting attacks like these since August, with the most proliferate attacks listed below.

Halloween pranks used to spread terror…

Even though computer pranks are nothing new, they get massively distributed in the days leading up to Halloween, with the aim of scaring users. These applications are actually harmless, as they really do not contain any malware or Trojans.

They usually arrive at the targeted computer from one of the victim’s contacts, as a Halloween video file or an online greetings card, via email, or a social network. However, once the user has downloaded and installed the item, it displays a series of messages and screens informing the user that they have been infected by a Trojan.

On other occasions, a flash movie may simulate the deletion of all contents on the computer’s hard disk, while a spooky skull is displayed on the screen. The website that distributes this prank offers a video with instructions to configure the movie in order to make it even more realistic and frightening. 

In reality, these are just computer virus hoaxes. However, there is no doubt that users will be really scared to see their computer almost destroyed!

And the real threats…

On other occasions, attackers are using latest releases like “Paranormal Activity 2” or Halloween classics like “Friday the 13th” to distribute malware. 

Hackers are using these well-known Hollywood productions to launch Blackhat SEO attacks, exploiting popular topics in order to place malicious websites at the top of search results when users look for certain terms in search engines. If a user accesses the malicious website, a Trojan or fake antivirus is downloaded onto their computer. These attacks not only exploit horror movies, but any other Halloween-related items like party invitations, etc.

Halloween spam

Panda has also seen an increase in the massive distribution of Halloween-themed spam, used to trick users into giving away their personal data and buying fraudulent or illegal products, or just make money as many of these companies get revenue through pay-per-click systems.

Some tips to protect you

As always, having a great antivirus and taking some basic precautionary measures are the best ways to stay protected against both real and/ or fake threats.

Panda offers the following advice to users: 

  • Don’t open emails or messages received on social networks from unknown senders.
  • Do not click any links included in email messages, even though they may come from reliable sources. It is better to type the URL directly in the browser. This rule applies to messages received through any mail client, as well as those in Facebook, Twitter, or other social networks or messaging applications, etc.
  • If you do click on any such links, take a close look at the page you arrive at. If you don’t recognize it, close your browser.
  • Do not run attached files that come from unknown sources. In particular, watch out for any files with Halloween-related names.
  • Only buy online from sites that have a solid reputation and offer secure transactions, encrypting all information that is entered in the page. To check that the page is secure, look for the security certificate in the form of a small yellow padlock next to the toolbar or in the bottom right-hand corner of the screen.
  • Don’t use shared or public computers for making transactions or operations that require you to enter passwords or other personal details.
  • Have an effective security solution installed, capable of detecting both known and new malware strains.

Panda Security offers users several free tools for scanning computers for malware, like Panda Cloud Antivirus: www.cloudantivirus.com.

Trojans Dominate Cyber Threats in 2010

  • The malware distribution techniques in the spotlight this quarter include clickjacking, BlackHat SEO and 0-day attacks
  • 95% of all email in circulation was spam, and 55% of global spam originated from just 10 countries
  • Android smart phones are being targeted by hackers, thanks to their widespread popularity

Global IT vendor Panda Security has published its quarterly report on global virus activity. This third quarter has once again seen Trojans in the spotlight, as 55% of all new threats created were in this category.

Infection via email, traditionally the most popular vector for spreading malware, has declined in favour of more modern methods: use of social media, such as the clickjacking attacks using the Facebook “Like” button, fake Web pages positioned on search engines (BlackHat SEO) and exploits of 0-day vulnerabilities.

In addition, Google’s Android operating system for smart phones has come into the line of fire. Various threats have appeared recently, aimed above all at racking up phone bills or targeting the geolocalization function of the terminals.

Malware info

55% of new threats created this quarter were Trojans, most of them banker Trojans. This is in line with the general increase in these types of threats that Panda has witnessed over the last two years.

With respect to spam, 95% of all email circulating across the Internet during the last quarter was junk mail. Some 50% of all spam was sent from just ten countries, with India, Brazil and Russia at the top of the list.

“This edition of the report highlights the record levels of threat distribution through new channels”, says Jeremy Matthews, head of Panda’s sub-Saharan operations.

There has also been much talk of two serious 0-day flaws in the code of Microsoft’s operating system. One of these could have been exploited to attack SCADA systems (specifically, nuclear power stations), although this rumor is yet to be confirmed.

On a more positive note, Panda is happy to report the arrest of the creator of the Butterfly botnet kit, source of the notorious Mariposa network that impacted 13 million computers around the world.

And finally, the latest and hopefully last scare of this third quarter: a worm called ‘Rainbow’ or ‘OnMouseOver’. A vulnerability in the code of Twitter allowed JavaScript to be injected, enabling a series of actions: redirecting users to Web pages, publishing javascript on the user’s timeline without their permission or knowledge, etc. Twitter however resolved the problem in just a few hours.

Android: in the firing line of hackers

Over these three months Panda has also witnessed what could be the beginning of a wave of threats targeting smart phones, as it seemed that hackers have started lining up Android, Google’s popular operating system. Two applications have been developed specifically for this platform: FakePlayer, which under the guise of a video player, sends SMS messages generating a hefty phone bill for victims without their knowledge; and TapSnake, an app disguised as a game which sends the geolocalization coordinates of the user to an espionage company.

‘With the rise in social networking attacks and banker Trojans, we encourage users to always be vigilant when using the web, for personal or professional reasons. This coupled with good malware and virus protection, like Panda’s, is the best way to stay safe’, concludes Matthews.

You can download the PandaLabs quarterly report from http://press.pandasecurity.com/press-room/panda-white-paper/

For more information about Panda, visit http://www.pandasecurity.com/.

5 million new malware threats in record-breaking Q3

Malware-creators have broken all records when it comes to creating new threats. Over the last three months, PandaLabs, Panda Security’s anti-malware lab, has recorded five million new strains of malware. Most of these were banker Trojans, although adware and spyware have also increased.

This was revealed in the PandaLabs quarterly report detailing cyber-threat activity from July to September. The report can be downloaded here.

“We are currently receiving some 50,000 new examples of malware everyday,” explains Jeremy Matthews, head of Panda’s sub-Saharan operations. “This is a massive increase from the 37,000 samples were detecting daily just a few months ago. There is no reason to believe that the situation will improve in the coming months.”

Q3 saw a 15% rise of computers infected by malware compared to the previous quarter. In more than 37% of cases, the culprits were Trojans, while adware was responsible for 18.68% of all infections. This category in particular has seen significant expansion due to the major proliferation of fake antivirus programmes.

Panda has detected a major growth in the distribution of malware through spam, social networks and rogue search engine optimization techniques, which draw users to spoof Web pages from which malware is downloaded. These methods for propagating malware often use social engineering, exploiting a range of current issues such as swine flu, Independence Day, forest fires or speeches of Barack Obama.

Download the PandaLabs report here.

Cyber-crooks’ search engines lure users to malicious websites

Panda Security’ malware detection and analysis laboratory has revealed how cyber-criminals are starting to use their own search engines to lead users to malicious pages, often created for distributing malware.

This frightening new trend underlines how cyber-crime is becoming increasingly professional. Previously, cyber-crooks would use malicious SEO (Search Engine Optimization) or “blackhat SEO” techniques to improve the ranking of their pages among popular search engines. Now they are beginning to use their own search engines which lead users directly to pages designed to infect or defraud them. One such malicious search engine, detected by Panda, has already received around 195,000 visits.

“We started searching for words and issues frequently exploited by cyber-crime, in this case swine flu, or celebrity names such as Britney Spears or Paris Hilton and this took us to pages created to distribute malware,” explains Jeremy Matthews, head of Panda’s sub-Saharan operations. “But then we found that even searching for our own names would throw up results that were really malicious pages.”

These search engines operate as follows: when users enter a word to find, the engine returns just five or six results. Clicking on any of these results will redirect the user to a Web page created specifically to distribute malware. The pages may include content such as pornographic videos, which ask users to download the latest version of “Web media player” in order to watch the clip. However, the file downloaded is really the adware WebMediaPlayer. These pages are also being used to distribute fake antivirus programs. You can see an image here.

This technique is known as social engineering, and basically involves infecting users by enticing them to click a link or run a malicious file. To avoid falling victim to these attacks, Panda advises users only to use trusted search engines, and to be wary of websites offering sensational videos or unusual stories.

“If on this kind of website you are asked to download a codec or any other kind of program to watch videos, there is a strong chance that it is really malicious code,” warns Matthews.