Web malware, more advanced and targeted than ever

Share this article:
End-users working in the energy-and-oil sector are most at-risk to succumbing to web malware, according to ScanSafe's annual threat report released this week.

Based on an analysis of 200 billion web requests processed by the security company on behalf of its worldwide customer base, the top five verticals most susceptible to web malware infection were energy and oil, pharmaceutical and chemical, engineering and construction, transportation and shipping and travel and entertainment.

Mary Landesman, ScanSafe's senior security researcher, told SCMagazineUS.com on Wednesday that this is likely attributable to the vast amounts of intellectual property stored by those sectors. Thus, an attacker who can steal data may be able to handsomely profit by, say, selling the goods to a competitor.

In total, incidents of web malware infection surged 582 percent last year, with significant rises visible toward the end of 2008, correlating with the worsening economy, Landesman said. Most users were infected by visiting a website that contained a malicious IFRAME or source reference, which initiated an exploit of a vulnerability, usually in Adobe Flash or Reader, she said. Data-theft trojans, meanwhile, rose 1,559 percent last year, the report showed. Landesman said job losses and general uncertainty may be attracting more people to cybercrime.

She added that the trojans ScanSafe analyzed were highly customizable, meaning they could be configured to launch attacks such as address resolution protocol (ARP) poisoning. ARP poisoning is a man-in-the-middle attack in which a compromised machine will claim to be target device – for instance, a printer – and any traffic sent to that IP address in good faith is delivered to the attacker.
Share this article:

Next Article in News

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.