CyberSecurity Pulse 2016-12-8
|“Everyone wants happiness without any pain, but you can’t have a rainbow without a little rain.”|
Christmas, Gift Time and Internet Attacks
As in the previous period, users in China and Brazil were most likely to suffer from phishing attacks. They are followed by residents of the United Arab Emirates, Australia and Saudi Arabia. It should be noted that the United Arab Emirates, which rated as number three among the countries most prone to these incidents, was not included in the top ten most attacked countries in the previous period.
The third quarter of 2016 was characterized by increased activity of attack attempts using Zeus family malware (note that in the past quarter, approximately 0.481% of Kaspersky users were attacked, and in the second quarter, this value reached 0.514%). The greatest dynamics of change was exhibited by Nymaim family with the value having increased almost twofold (from 0.058% to 0.120%). As in the previous quarters, Android remains the mobile platform that is most prone to attacks: 99.68% of all reported attacks were aimed at this operating system. The greatest share of attacked users were identified in the Russian Federation, Australia and Ukraine. Even if you are not among the countries most affected by these threats, keep common sense as well as the maximum precaution when you are making any purchase on the network. Cybercriminals will be just waiting for us around the corner.
Senators Fail to Block Rules Allowing US Law-enforcement Hacking
Three senators' efforts to stop a major expansion of US law enforcement agencies' hacking powers has failed for now. The rules change will give US Law Enforcement Agencies the authority to cross jurisdictional lines and hack computers anywhere in the world during criminal investigations. Until now, the rules, in most cases, prohibited federal judges from issuing a search warrant outside their jurisdictions. The Department of Justice has called for the changes as a way to track criminal using anonymizer technology to shield the location of other servers, computers or smartphones.
US Presidential Commission Presents Recommendations on Cybersecurity
Cybersecurity is a primary issue in the agenda of many countries. In this sense, last week the US Presidential Commission has issued a bunch of new recommendations to boost a proactive cooperation between both, private and public sectors (an issue which has remained difficult to tackle when speaking about cybersecurity). This call for collaboration aims to improve the security of computer networks and counteract the action of the different actors that threat the cyberspace. The report has identified several potential attack vectors like Internet of Things technologies and the global supply chain of manufacturers, while it feels important to keep the focus on the protection of critical infrastructure.
Rest of the Week´s News
New DDoS Army: Ten Days of Massive Attacks
The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets. The attack has been repeated in a similar basis every day during the next six days at roughly the same time, aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.
1 Million Google Accounts Compromised by Gooligan
Researchers say they've uncovered a family of Android-based malware that has compromised more than 1 million Google accounts. Gooligan has been found in at least 86 apps available in third-party marketplaces. Once installed, it roots the pohone to gain highly privileged system access to devices running version 4 (Ice Cream Sandwich, Jelly Bean, and KitKat) and version 5 (Lollipop) of Google's Android operating system.
Banking Malware Allows to Lock and Reset Phone Passwords
The original attack that was uncovered by Trend Micro, called Operation Emmental, has been improved to enable malicious actors to now use SMS to issue commands that lets them control the hacked phone in real time. Attackers would have used this feature to reset passwords and even lock the phone.