Social networks and online games are the new hiding places of today’s increasingly mature hacking community, warns Symantec in its latest six-monthly Internet Security Threat Report.
Social networks and online games are the new hiding places of today’s increasingly mature hacking community, warns Symantec in its latest six-monthly Internet Security Threat Report.
The report says attackers worldwide are increasingly targeting sites that are likely to be trusted by end users such as social networking or games sites. And at the same time they are increasing their ability to market the information they gain to a far more mature underground economy.
The underground economy is pretty damn street-smart: it is learning all the tricks of the legitimate marketing world, including discounting for bulk supplies of sensitive information, including Internet banking log-ins and credentials, says Craig Scoggie, Asia-Pacific veep for Symantec.
If you have enough IDs to sell, the bulk price can go as low as a few cents for a credit card number. You can imagine how much can be gained from that investment.
The Sydney-based Scoggie – in Singapore when he spoke to CDN yesterday – has been roaming the region in recent weeks, warning about the increasing sophistication of the hackers, and their increasing links with what he calls the “underground economy”.
He points to the report’s finding that increasingly hackers are moving away from targeting computers and towards end users – especially toward getting their hands on end-user information that can be used in fraudulent activity for financial gain. This can be surprisingly easy in social networking or online gaming sites, Scoggie says
The report notes that “underground economy servers” are blackmarket forums used by criminal organisations to advertise and trade stolen information and services for use in identity theft.
The 36-page report carries more statistics that CDN could cover in a month or a quarter. We’ll leave you with one: in the last six months of 2007, Symantec says it detected 499,811 new malicious code threats – a 136 percent increase over the first six months, and a 571pc increase over the second half of 2007. Indeed, says Symantec, the figure shows that almost two thirds of all malicious code threats currently detected were created during 2007.
