Finjan’s Cybersecurity Trends Report Warns of Emerging Cyber Threats
The report released yesterday by the Finjan Malware Research Center warns users about several emerging forms of cyber attacks.
According to this research center, the “data hijacking for ransom” attack and the spread of viruses through fake anti-spyware software are currently becoming very prevalent. These are two of the fastest-growing security trends observed recently.
Overall, “virus + rootkit” types continue to be one of the most common barriers challenging IT professionals.
Taking advantage of public anxiety regarding spyware, the proliferation of fake anti-spyware software has also surged significantly in recent times.
In such attacks, hackers often hide malware within applications advertised as free anti-spyware tools. Once users download such software, it immediately downloads harmful code or opens the system to further attacks.
In some cases, Yuval Ben-Itzhak, Chief Technology Officer of Finjan, asserts that fake anti-spyware tools also run fake security scanning processes and report the discovery of spyware programs on the system they are installed on. The next step is for the application to guide users to a different website to purchase the full version of the software that claims to eliminate the detected spyware.
“User awareness of spyware is increasing, and unscrupulous individuals are trying to exploit this,” Ben-Itzhak stated. “There are ‘underground’ networks disseminating malicious code to those who want it. I’m not sure who would dare pay for such software, but I’m certain it exists.”
The advancement of anti-spyware security has led hackers to resort to impersonating the very tools designed to combat them. This also serves as evidence of the increasing complexity in hackers’ attacks.
Another indicator of the growing “professionalism” among hackers is the increasingly frequent occurrence of “ransomware” attacks. In these attacks, hackers “kidnap” files on the victim’s system and demand payment for their return. The malware responsible for “kidnapping” files is often pre-configured to search for personal information files or banking accounts of users.
In a recent case, hackers used software named CryZip to encrypt files on the victim’s computer and demanded $300 to “release” them.
“For experienced users, removing spyware can sometimes be quite easy, but for those who are less knowledgeable, it can be a real issue,” Ben-Itzhak affirmed.
Hoang Dung
