OTTAWA AND CUPERTINO, CA, Nov. 14, 2011 /CNW/ - Trend Micro (TYO: 4704; TSE: 4704) threat researchers are seeing a significant shift from mass compromises
to targeted attacks, particularly against large enterprises and
government institutions. According to Trend Micro's Third Quarter Threat Report, their work led them to the uncovering of one of the most notable groups
of targeted attacks during the third quarter - the LURID downloader.
These attacks, classified by Trend Micro as advanced persistent threats
(APTs), targeted major companies and institutions in over 60 countries,
including Russia, Kazakhstan, and the Ukraine. The cybercriminals
behind these attacks launched over 300 malware campaigns in order to
obtain confidential data from and take full control of affected users'
systems over an extended period of time. LURID was successful because
it was targeted by its nature. By zoning in on specific geographic
locations and entities, LURID compromised as many as 1,465 systems.
Other notable security attacks, scams, breaches and exploits:
Trend Micro threat analysts came across a new DroidDreamLight variant with enhanced capabilities and routines. Disguised as
battery-monitoring or task-listing tools or apps that allow users to
see a list of permissions that installed apps utilize, copies of this
new Android malware littered a Chinese third-party app store.
Trend Micro researchers spotted a page that enticed users to click a link to get free invitations to Google's latest stab at taking a slice of the social media
pie—Google+. Instead of invitations to join the site, however, all the users got was
an "opportunity" to take part in a survey that put them at risk.
LinkedIn users were also part of a criminal scam that tricked them into
clicking a malicious link to a supposed Justin Bieber video that redirected them to a malicious site.
The most notorious spam runs this quarter led to the download and execution of two banking Trojans: The first campaign featured a spam that purported to come from the
Spain National Police; the second supposedly came from the Internal
India and South Korea were three of the top three spam-sending
countries. Neither Canada nor the United States, which commonly takes
the top spot, were among the top 10 spam-sending countries list most
likely due to the arrest of several spambot operators
Notable security research wins
In addition to the discovery of the LURID downloader, Trend Micro and
other global security teams made impressive takedowns in Q3:
After months of monitoring, Trend Micro researchers uncovered a SpyEye
operation controlled by a cybercriminal residing in Russia with the handle,
"Soldier," and his accomplice in Hollywood, California. This botnet operation, which amassed more than US$3.2 million within six months, targeted
large enterprises and government institutions, Canada, the U.S., the
United Kingdom, India, and Mexico. More details on this win can be
found in Trend Micro's research paper, "From Russia to Hollywood: Turning Tables on a SpyEye Cybercrime Ring."
Trend Micro researchers were also able to gather in-depth information on
two of the largest FAKEAV affiliate networks to date—BeeCoin and MoneyBeat. More details on how FAKEAV affiliate networks work can be found in the
research paper, "Targeting the Source: FAKEAV Affiliate Networks."
About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security,
focuses on securing the exchange of digital information for businesses
and consumers. Please visit www.trendmicro.com.
SOURCE Trend Micro Canada
For further information:
MEDIA CONTACT: To speak with a Trend threat expert or for more information:
Claire M. Tallarico 416 616 9940 or email firstname.lastname@example.org