Banking ID theft reaching epidemic proportions

Share this article:

The amount of malware aimed at financial identity theft is bigger than ever, Sean-Paul Correll, a threat researcher at PandaLabs, wrote Friday in a post on the PandaLabs blog of Panda Security.

“In 2007, we received more malware samples than in the previous 17 years combined,” Correll said. “Our forecasts for 2008 indicated that we would end the year with some seven or eight million malware strains. However, we actually ended up with over 15 million malware specimens.”

Anti-virus vendors are hard put to keep up with the pace of the threats -- many common solutions are becoming less effective against the malware ploys in circulation.

Obviously, the impetus behind this is financial -- not because of fame-craving virus writers.

“Today, there are huge illegal businesses behind this type of cybercrime, and criminal organizations are making a lot of profit from identity and data theft,” Correll said.

Much of the malware comes from affiliate systems built on cybercrime control systems that are for rent -- cybercriminals can pay to have their malware spread, and anyone can try their hand at the game.

“They have fully automated servers and web frameworks that they build or buy,” Correll told Friday. "These are mainly situated in the former Eastern bloc countries. They use the frameworks to generate massive numbers of files. Each time a URL is accessed, a new file is generated, which has to be manually processed by AV vendors.”

Share this article:

Sign up to our newsletters

More in News

EFF intros wireless router software to boost industry standard

EFF intros wireless router software to boost industry ...

This weekend, the digital rights group released a "hacker alpha" version of its Open Wireless Router software.

Breaches driving organizational security strategy, survey indicates

Breaches driving organizational security strategy, survey indicates

CyberArk interviewed 373 IT security executives and other senior management in North America, Europe and the Asia-Pacific as part of its eighth annual Global Advanced Threat Landscape survey.

Siemens industrial products impacted by four OpenSSL vulnerabilities

The vulnerabilities can be exploited remotely, and fairly easily, by an attacker to hijack sessions and crash the web server of the product.