Web malware, more advanced and targeted than ever

Share this article:
End-users working in the energy-and-oil sector are most at-risk to succumbing to web malware, according to ScanSafe's annual threat report released this week.

Based on an analysis of 200 billion web requests processed by the security company on behalf of its worldwide customer base, the top five verticals most susceptible to web malware infection were energy and oil, pharmaceutical and chemical, engineering and construction, transportation and shipping and travel and entertainment.

Mary Landesman, ScanSafe's senior security researcher, told SCMagazineUS.com on Wednesday that this is likely attributable to the vast amounts of intellectual property stored by those sectors. Thus, an attacker who can steal data may be able to handsomely profit by, say, selling the goods to a competitor.

In total, incidents of web malware infection surged 582 percent last year, with significant rises visible toward the end of 2008, correlating with the worsening economy, Landesman said. Most users were infected by visiting a website that contained a malicious IFRAME or source reference, which initiated an exploit of a vulnerability, usually in Adobe Flash or Reader, she said. Data-theft trojans, meanwhile, rose 1,559 percent last year, the report showed. Landesman said job losses and general uncertainty may be attracting more people to cybercrime.

She added that the trojans ScanSafe analyzed were highly customizable, meaning they could be configured to launch attacks such as address resolution protocol (ARP) poisoning. ARP poisoning is a man-in-the-middle attack in which a compromised machine will claim to be target device – for instance, a printer – and any traffic sent to that IP address in good faith is delivered to the attacker.
Share this article:

Next Article in News

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.