AhnLab Details Top 10 Security Threats in 2010

December 22, 2010

Tools

- Sophisticated threats against critical infrastructure and e-commerce top list

- AhnLab provides full range of security solutions, including protection against Zeus

SEOUL, South Korea--(BUSINESS WIRE)-- Security threats in 2010 were more damaging, full-fledged and sophisticated than ever, according to research from AhnLab Inc. (www.ahnlab.com), a leading provider of integrated security solutions. Today, the company shared its Top 10 Security Threats and Trends of 2010:

Stuxnet aims critical infrastructure
Zeus botnet hits e-commerce
Security threats on smart phone
Malicious attacks on SNS
Palevo variant for DDoS attack
Search Engine Optimization exploiting global topics
Smarter distribution of malware
Malwares capitalizing zero-day vulnerability
Online phishing spreads
Increasing hacking attempts for online games

Stuxnet Attacks on Critical Infrastructure

The Stuxnet worm, identified in July, not only exploits zero-day vulnerabilities, but also preys on Siemens SCADA software which is widely utilized by many countries to control critical infrastructure. With growing though still unconfirmed suspicion of the Iranian government's role in developing Stuxnet, many experts believe the worm represents a new era of malicious codes employed as potent cyber weapons.

Zeus Botnet Hits E-commerce

Zeus botnet, one of the most discussed malware in 2010, targets online commerce including internet banking users. In September, British police arrested a 19-person gang charged with stealing £6 million from London banks in just three months utilizing a variant of the ZeuS virus. In October, the Association of Dutch Banks (Nederlandse Vereniging van Banken) released figures indicating €4.3 million in losses involving online banking fraud. Variants of Zeus targeting mobile devices to steal SMS messages to validate transactions were also identified in 2010.

Smart Phone Security Threats Realized

In August, malicious applications that run on Android OS-based smart phones were reported including Android-Trojan/Ewalls, which steals sensitive information, such as SIM data, without consent from the user. Another identified application, Android-Trojan/SmsSend, disguised as an adult video player, never plays videos, but sends paid SMS (Short Message Service) without user consent. Android-Trojan/Snake, an application, disguising itself as a game to leak the location of users was also discovered. Before downloading and installing smartphone applications, it is critical that users examine application details including the maker's reputation to avoid falling victim to these threats.

Malicious Attacks via Social Network Services (SNS)

2010 also saw the rise of malware attacks via popular social networking services, like Twitter and Facebook. Several malicious URLs were distributed under the disguise of Twitter or Facebook via Shortened URLs, Direct Messages, SNS applications and chatting services. AhnLab also identified an increase in email campaigns under the name of an SNS service provider, attempting to deliver malicious URLs. Malicious attacks utilizing SNS websites are expected to continue to increase.

Palevo Variant in DDoS Attacks

There have been continues reports of Win32/Palevo.worm variants since January. The Palevo worm creates and runs a new thread with its own code within Explorer.exe. During this process, it may receive commands from a specific host to perform malicious activities. It propagates itself by receiving commands via removable disk or the MSN messaging service.

SEO (Search Engine Optimization) Exploiting Global Issues

Search engine optimization (SEO) poisoning attack is a technique used to obtain higher search rankings for a given website to distribute malware. Hackers manipulate search engine results to make their links appear higher than legitimate results. The infected links appear near the top of the search results, generating a greater number of clicks to malicious websites. In 2010, cyber criminals used keywords such as Haiti and Taiwan earthquake, Novel Prize, Worldcup and G20.

Smarter Distribution of Malware

Criminals are using smarter methods to distribute malicious code. In 2010, distribution methods involving ARP spoofing attacks, anti-spam detouring and copying well known software were all identified. Attackers also sent image-based malicious mails to neutralize text-detecting anti spam programs, under the disguised names of DHL, UPS, FedEx. Spam disguised as an electronic bill from a credit card company also was reported.

Malware Capitalizing on Zero-day Vulnerability

The Zero-day vulnerability is one of the all-time top security issues. In 2010 alone, attacks on zero-day vulnerabilities in Internet Explorer, Windows Help and Support Center, Adobe Acrobat Reader and Flash Player were identified. It is critical that users regularly update antivirus software to the latest version and apply patches as they play the most important role in correcting security weakness, and are essential to any computer system.

Online Phishing Spreads

Online phishing via mail, phone and instant messenger is rampant. Criminals can even buy web tools to build phishing websites on the black market. In February, it was reported that a blog was spreading a spam worm that targeted Twitter, via Direct Messages. The phishing message contained a link with a shortened URL which directed users to a fake Twitter login page that appeared similar to the actual login page.

Growing Online Game Hacking Attacks

As the number of online gamers has risen rapidly, attackers have been developing diverse and sophisticated tools to hack popular games. Easy to use, these hacking tools have become commonplace, resulting in serious problems. Hackers mainly target games in order to gain monetary profit by trading game items and game money. In 2010, a total of 4,268 game hacking tools worldwide were reported, jumped 91% from 2,225 reports in 2009.

AhnLab's Full Range Solutions

A leader in comprehensive online security from individual PC to all sizes of business, AhnLab is acclaimed for among other solutions, its real-time internet banking security. AhnLab offers integrated, comprehensive protection against Zeus through its innovative AOS security solution comprised of AOS Secure Browser, Anti-Keylogger, Firewall and Anti-Virus/Spyware programs.