Crimeware

From Wikipedia, the free encyclopedia


Crimeware is a class of malware designed specifically to automate cybercrime.[1]

Crimeware (as distinct from spyware and adware) is designed to perpetrate identity theft through social engineering or technical stealth in order to access a computer user's financial and retail accounts, either to take funds from those accounts or to complete unauthorized transactions on behalf of the cyberthief. Alternatively, crimeware may steal confidential or sensitive corporate information. Crimeware represents a growing problem in network security, as many malicious code threats seek to pilfer valuable, confidential information.

The cybercrime landscape has shifted from individuals developing their own tools to a market where crimeware, tools and services for illegal online activities, can be easily acquired in online marketplaces. These crimeware markets are expected to expand, especially targeting mobile devices.[2]

The term crimeware was coined by David Jevans in February 2005 in an Anti-Phishing Working Group response to the FDIC article "Putting an End to Account-Hijacking Identity Theft".[3]

Examples

Criminals use a variety of techniques to steal confidential data through crimeware, including the following:

  • Surreptitiously install keystroke loggers to collect sensitive data—login and password information for online bank accounts, for example—and report them back to the thief.[4]
  • Redirect a user's web browser to a counterfeit website controlled by the thief even when the user types the website's proper domain name in the address bar, also known as pharming.[5]
  • Steal passwords cached on a user's system.[6]
  • Hijack a user session at a financial institution and drain the account without the user's knowledge.
  • Enable remote access into applications, allowing criminals to break into networks for malicious purposes.
  • Encrypt all data on a computer and require the user to pay a ransom to decrypt it (ransomware).

Delivery vectors

Crimeware threats can be installed on victims' computers through multiple delivery vectors, including:

  • Vulnerabilities in Web applications. The Bankash.G Trojan, for example, exploited an Internet Explorer vulnerability to steal passwords and monitor user input on webmail and online commerce sites.[6]
  • Targeted attacks sent via SMTP. These social-engineered threats often arrive disguised as a valid e-mail message and include specific company information and sender addresses. The malicious e-mails use social engineering to manipulate users to open the attachment and execute the payload.[7]
  • Remote exploits that exploit vulnerabilities on servers and clients[8]

Concerns

Crimeware can have a significant economic impact due to loss of sensitive and proprietary information and associated financial losses. One survey estimates that in 2005 organizations lost in excess of $30 million due to the theft of proprietary information.[9] The theft of financial or confidential information from corporate networks often places the organizations in violation of government and industry-imposed regulatory requirements that attempt to ensure that financial, personal and confidential.

United States

US laws and regulations include:

References

  1. Script error: No such module "citation/CS1".
  2. Script error: No such module "Citation/CS1".
  3. Script error: No such module "citation/CS1".
  4. "Cyberthieves Silently Copy Your Password", The New York Times
  5. Script error: No such module "citation/CS1".
  6. Symantec Internet Security Report, Vol. IX, March 2006, p. 71
  7. "Protecting Corporate Assets from E-mail Crimeware", Avinti, Inc., p. 1
  8. Script error: No such module "Citation/CS1".
  9. CSI/FBI Computer Crime and Security Survey 2005, p. 15