Blogs

Cybercrime report should be alarming to every Internet user in the world!

02.12.15

A recent report analyzing cybercrime that infected over 500,000 PCs pointed out that while “the primary targets appear to be financial accounts and online banking information, the group also has a range of options for further monetization of the infected computers.” The Proofpoint October 2014 report entitled the “Analysis of a Cybercrime Infrastructure” concludes that “the recent targeting online banking credentials for banks in the United States and Europe “appear to be a Russian cybercrime group whose primary motivation is financial.”

Here are some of the key facts from the Proofpoint analysis:

  • Russian-speaking cybercrime group targeted primarily US-based systems and online banking accounts.
  • Qbot (aka Qakbot) botnet of 500,000 infected systems sniffed ‘conversations’ – including account credentials – for 800,000 online banking transactions, with 59% of the sniffed sessions representing accounts at five of the largest US banks.
  • The attackers compromised WordPress sites using purchased lists of administrator logins, with which they were able to upload malware to legitimate sites in order to then infect clients that visited these sites. Many of these WordPress sites also run newsletters, which the attackers leverage to distribute legitimate but infected content.
  • Windows XP clients comprised 52% of the infected systems in the cybercrime group’s botnet, even though recent estimates place the Windows XP install base at 20-30% of business and consumer personal computers. Microsoft ended patch and update support for Windows XP in April 2014.
  • The cybercrime group used compromised PCs to offer a sophisticated, paid proxying service for other organized crime groups. The service turns infected PCs into an illicit ‘private cloud’ as well as infiltration points into corporate networks.

Given recent $2+ trillion valuation of cybercrime I hope that Proofpoint’s report is a wakeup call!

The publications contained in this site do not constitute legal advice. Legal advice can only be given with knowledge of the client's specific facts. By putting these publications on our website we do not intend to create a lawyer-client relationship with the user. Materials may not reflect the most current legal developments, verdicts or settlements. This information should in no way be taken as an indication of future results.

Search Tips:

You may use the wildcard symbol (*) as a root expander.  A search for "anti*" will find not only "anti", but also "anti-trust", "antique", etc.

Entering two terms together in a search field will behave as though an "OR" is being used.  For example, entering "Antique Motorcars" as a Client Name search will find results with either word in the Client Name.

Operators

AND and OR may be used in a search.  Note: they must be capitalized, e.g., "Project AND Finance." 

The + and - sign operators may be used.  The + sign indicates that the term immediately following is required, while the - sign indicates to omit results that contain that term. E.g., "+real -estate" says results must have "real" but not "estate".

To perform an exact phrase search, surround your search phrase with quotation marks.  For example, "Project Finance".

Searches are not case sensitive.

back to top