The rise of information stealers and pay-per-install malware
Posted on 15.02.2012
Bookmark and Share
The fastest growing malware categories in the second half of 2011 were PPI (Pay-Per-Installs) and information stealers that target user credentials enabling the theft of key intellectual property and sensitive data, according to FireEye.


Cyber criminals are continuing to break through traditional defenses in an alarming rate that is further widening the $20 billion dollar security gap. This security gap refers to the $20 billion invested annually in IT security, which is easily evaded by cyber criminals to compromise the vast majority of enterprise networks.

In the second half of 2011, PPI downloaders, worms, backdoors and information stealers represented the four most prevalent categories of malware. PPIs are malware programs that charge a fee to download or distribute other malware programs. These programs differ from normal downloaders/droppers in that a PPI malware author gets paid for every successful install of another malware program. Of the top four malware categories, information stealers and backdoors present the greatest threat to enterprises.

In FireEye’s last report issued in August 2011, the company found a significant gap in today’s enterprise IT defenses, as advanced malware and targeted attacks are easily evading traditional defenses such as firewalls, intrusion prevention systems, antivirus and Web/email gateways. This trend has not changed.

In second half of 2011, FireEye found that 95 percent of enterprises have had malicious infections entering the network each week with 80 percent of the enterprises facing more than a hundred new cases per week.

The bottom line: today’s traditional security mechanisms are still not able to keep up with the highly dynamic, multi-stage attacks that have become common today with advanced targeted attacks.

As criminals conduct advanced targeted attack operations, enterprises must reinforce traditional defenses with a new layer of dynamic security that can detect these zero-day threats in real-time and thwart malware communications back to command and control centers. This extra defense layer needs to be designed specifically to fight the unknown and advanced persistent threat (APT) tactics that dominate advanced targeted attacks.

“Our latest report is further proof that cyber criminals are getting more savvy and bolder in their method of attacks,” said Ashar Aziz, Founder, CEO, and CTO, FireEye. “With the rise of information stealer malware, it’s more important than ever for companies in security conscious industries such as financial services, health care and government sectors to closely examine their current IT defense perimeter; determine if advanced malware is entering their networks unimpeded and prevent the theft of intellectual property.”





Spotlight

Attackers use reflection techniques for larger DDoS attacks

Posted on 17 April 2014.  |  Instead of using a network of zombie computers, newer DDoS toolkits abuse Internet protocols that are available on open or vulnerable servers and devices. This approach can lead to the Internet becoming a ready-to-use botnet for malicious actors.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Apr 18th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //