my forensic investigations show a mean time of 72 days between the compromise of a home computer and its activation. That means that the computer is watched for over two months before it is used for fraud.
(PRWEB) November 30, 2011
Since the SpyEye malware licensing scheme was cracked back in May, the amount of malicious emails sent on the internet has dramatically increased. Many industry analysts believed that the 25 Billion malicious email attachments sent on a single day in August would be the highpoint of the year, unfortunately, for those of us with email and who like get deals on Cyber Monday, they were wrong, very wrong, notes online security provider, Daily Safety Check.
“An analyst at our Secure Operations Center (SOC) christened the August event the ‘I:>Cry’ Wedgie. It was seen as a peak, said Marco Stanich, co-founder of Daily Safety Check, an online security firm. "We saw the same trend when a version of the Zeus botnet malware was released to open source earlier in the year. There was a dramatic SPAM uptick as the software was downloaded and 'played with" by amateurs. When something that commanded a price tag of $10,000 goes to $0 people are going to see a ‘shiny new toy’ and want to see what the fuss was about.”
And while 25 Billion was a big number just a few months ago, Cyber Monday blew it out of the water. Since the 'I:>Cry Wedgie' four additional 'waves' of spam with malicious attachments consistently met the mark and, finally, on Cyber Monday, exceeded it. “The amount of volume directed at both our home customers and online banking users is staggering,” said Stanich, “And while the sheer volume is bad enough, what's more concerning is how organized the campaigns are. There is clearly intelligence and a business strategy behind it, this is not just opportunistic, ‘because I can event.”
SpyEye and its wizard-based email campaign module were specifically designed to exploit the biggest vulnerability of the internet, the home computer and the two billion or so people who use them. Why go after a ‘hardened’ target like an online store when the computer used to type in the credit card information can be compromised with a simple email? To criminals our home and laptops are the low hanging fruit.
To fully protect a home computer, the owner has to master at least fourteen different update mechanisms, as the typical home computer has software from 14 different vendors. While one update mechanism, Microsoft Update the operating system and 26 Microsoft programs can be patched to remediate %31 of vulnerabilities. However that leaves 13 update mechanisms to patch the 24 third-party programs remediate %69 of the vulnerabilities. Common vulnerabilities not addressed timely enough are Flash, Acrobat and Skype. A single vulnerability can lead to a criminal 'owning' a computer.
And for those of us who rely on home anti-virus and programs for our primary defense, anti-virus programs are the first protection to be disabled or crippled, it’s built into SpyEye as a key feature.
Jim McKenney, a computer forensics expert, says his forensic investigations show a mean time of 72 days between the compromise of a home computer and its 'activation'. This means everything happening on the computer is watched for over two months before it is used for fraud. This gives the criminal access to everything the user does on the computer; email, website passwords, online banking balances and account activities, purchases, personal pictures – anything and everything. Generally speaking the longer the computer can be “watched” the more valuable it becomes to a criminal.
For real time phishing alerts subscribe to the twitter feed #fraudjogger.