Thursday, October 30, 2008

Cybercrime rises as markets fall

Recent data published by Panda Security shows a direct correlation between the instability of the stock market and a dramatic rise in cybercrime.

According to Jeremy Matthews, head of Panda Security’s sub-Saharan operations: “When we began looking into the specific effects cyber-criminals had on the economy during times of duress we found a startling connection: the criminal economy is closely interrelated with the global economy.”

He says that based on extensive research and analysis done by Panda of emerging malware patterns, they believe that criminal organisations are closely watching market performance and adapting as needed to ensure maximum profit.

Some of the key findings include:
• On average, the US stock market experienced a decline of between 3 and 7 percent from Sep 1 to Oct 9. However, activity on the “malware markets” was the opposite: it grew substantially as the stock markets declined.
• From Sep 5 to 16, the Dow Jones Industrial Average, NASDAQ, S&P 500 and Composite Index all dropped from the plus 0.0 percent range to approximately negative 3.0 percent or lower. In the same period the Spanish IBEX 35 index and the London FTSE 100 also suffered major losses. The same timeframe witnessed a significant surge in daily malware threats; for example, from Sep 8 to Sep 10 the volume of daily threats grew from 10 150 to well over 24 000.
• From Sep 14 to 16, stock markets dropped from -0.5 to -5.5 percent while daily threats grew 50 percent each day, from 8 276 on the 14th to over 31 404 on the 16th.

Panda Security has provided the following diagrams to better illustrate this correlation.


Fig.1 – Stock market evolutions (Sep 1 to Oct 9) – source: moneycentral.msn.com



Fig.2 – Threat evolutions with key highlights (Sep 1 to Oct 9) – source: PandaLabs


According to Panda Security, there is an increase in adware and there has been a dramatic surge of fake anti-virus software scams lately. Now is the time to be more vigilant and more suspicious than ever before. It is evident that cybercriminals will stop at nothing to get your money, especially in desperate situations. Please be careful!

Friday, October 24, 2008

Microsoft’s emergency and Google’s malware

This was a pretty bad week for the big guys as Microsoft and Google both came under a negative spotlight.

Microsoft had to release an emergency patch for a vulnerability that makes remote code execution possible and allows an internet worm to spread.

It has been flagged as "critical" for users of Windows 2000, XP and Server 2003 and "important" for Windows Server 2008 and Windows Vista users.

Google was an inadvertent malware distributor for three infected sites, namely xlovelygirls.com, paincult.com, and iteenzy.com.

Local events
There are a couple of security-related events coming up locally for those who may be interested:

Cyber Crime Africa Summit
Hotel Apollo, Johannesburg
10-12 November

Practicing Innovation in Digital Forensics Management
Balalaika Hotel, Johannesburg
12-13 November

Security Africa Summit 2008
Balalaika Hotel, Johannesburg
26-28 November

Last but not least
Telspace is hotting up the media this week! You can catch a glimpse of the lesser-spotted Charlie on ITWeb’s Security Week newsletter today, and catch Dino C on Classic FM talking about cybercrime later tonight. Tune in to 102.7fm between 7 and 8pm!

Tuesday, October 14, 2008

SecTor 2008

This year’s SecTor was simply amazing and had a great turnout. It featured a number of great talks by presenters such as Johnny Long, who discussed “no-tech hacking”, and HD Moore on “Metasploit Prime”. Everything was extremely well organised by the very accommodating SecTor team.

Our training went great, and we would like to thank everyone who attended our training, and thank them for their feedback. Last but not least, a huge thanks to Brad 'RenderMan' Haines for helping out with the training!

Wireless hacking gets more interesting…

Russian hackers have discovered a way to accelerate Wi-Fi decryption by using an NVIDIA graphics card, although no one seems to be clear which card is being used.

Apparently, it cracks passwords much faster than the usual methods. Although some sources suggest that these types of new hacking techniques focused on wireless technology could prompt a move back to wired network connections, I sincerely doubt that.

The nature of the technological advancement beast ensures that we are always moving in a forward direction – and never backwards. Besides, people tend to ignore security issues where convenience plays a factor.

In any case, suggestions are being made to apply tighter VPN controls, so you can always start there.

If anyone is interested in learning more about wireless hacking, you can contact me on [email protected] for more details on Telspace’s Bluetooth and Wireless 101 training.