We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Use of Trojans in phishing scams on the up

IBM survey says hackers snubbing spam

Cybercriminals are snubbing spam-based phishing attacks in favour of new more efficient technology, says IBM.

According to the company's semi-annual 'Internet Security Systems 2009 Mid-Year Trend and Risk Report', Russia is the top country of origin for phishing emails, with 7.2 percent share, while China is the top hosting country for spam URLs.

"The decline in phishing and increases in other areas (such as banking Trojans) indicate the attackers may be moving their resources to other methods to obtain the gains that phishing once achieved," says IBM.

IBM revealed that in the first half of 2009, 55 percent of the new malware seen was Trojans, an increase of 9 percent over last year. Trojan malware, which includes components called downloaders and info-stealers, are mainly being used in the form of "publicly-available toolkits" that are "easy to use" by criminals, the report points out.

Phishing attacks may be down because criminals "are likely getting better results with Trojans," says Dan Holden, X-Force product manager at IBM's ISS division. "It's a return on investment issue for them."

The company also said that about eight percent of the internet can be classified as "unwanted content, such as pornographic or criminal websites", which includes those for hacking, illegal drugs, malware, or selling counterfeit goods.

The number of malicious web links used to trick users into downloading malware or visiting dangerous sites has increased, up 508 percent in the first half of 2009 in comparison to the number discovered in the first half of 2008, says the report. The US is the top country where such malicious web links can be found, accounting for 36 percent of known malicious links, with China holding the second spot.

"Attackers are focusing more and more on using the good name of trusted websites to lessen the guard of end users," IBM said.

When it comes to spam, the bulk of it today is still classified as URL spam in which a person clicks to view the spam content and China accounts for 41.4 percent of all spam URLs, according to the report.

One disturbing trend is that the amount of spam using "well-known and trusted domain names has continued to increase" as legitimate websites are exploited by those posting links from forums and other public comment areas associated with them. "Trusted domain names are often used as decoys," says Holden.

IBM also revealed there's been an 8 percent decrease in patching software vulnerabilities over the first half of 2008, with 3,240 reported vulnerabilities disclosed in the first half of the year by vendors and open-source communities managing a code base.

Broadband speed test

PC security advice

See also: Survey shows hackers love Christmas

IDG UK Sites

LG G4 Note UK release date and specification rumours: Samsung Galaxy Note 5 killer could be the LG 3......

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model