Wednesday February 19, 2020
Home Lead Story Study Warns D...

Study Warns Dark Web Listings of Malware on the Rise

The research was presented at the InfoSecurity Europe conference in Olympia, London

0
//

There has been a 20 per cent rise in the dark net listings of malware targeting enterprises, warns a study.

The dark net is that part of the Internet which is inaccessible when using standard browsers like Google.

The study by cybersecurity company Bromium and researchers at the University of Surrey in Britain found that four in 10 dark net vendors are selling targeted hacking services aimed at FTSE 100 and Fortune 500 businesses.

Furthermore, access to corporate networks is sold openly, with 60 per cent of vendors approached by researchers offering access to more than ten business networks each.

Of the dark net vendors who were engaged, 70 per cent invited researchers to talk on encrypted messaging applications, like Telegram, to take conversations beyond the reach of law enforcement.

cyber criminal
It said the malware is hard to detect, due to encryption and other tactics. Pixabay

More than 40 per cent of attempts by researchers to request dark net hacking services targeting companies in the Fortune 500 or FTSE 100 received positive responses from dark net vendors, the study said.

“Almost every vendor offered us tailored versions of malware as a way of targeting specific companies or industries. The more targeted the attack, the higher the cost, with prices rising even further when it involved high-value targets like banks,” said Mike McGuire, Senior Lecturer in Criminology at the University of Surrey.

“The most expensive piece of malware found was designed to target ATMs and retailed for approximately $1,500,” McGuire said.

Also Read- Google, US Budget Office Seek Huawei Ban Reprieve: Report

These services typically come with service plans for conducting the hack, with prices ranging from $150 to $10,000 depending on the company involved and the extent to which the malware was customised for targeted attacks, said the study.

The research was presented at the InfoSecurity Europe conference in Olympia, London. (IANS)

Next Story

Coronavirus-Themed Spam Spreads “Emotet Malware”

Emotet is an advanced, self-propagating and modular Trojan

0
Coronavirus
There has also been a surge in scam websites using coronavirus in their domain names, allegedly selling vaccinations against the virus. VOA

At a time when the deadly coronavirus is taking a toll on the tech industry with the Mobile World Congress (MWC) 2020 getting cancelled, a coronavirus-themed spam is spreading Emotet malware, security researchers said on Tuesday.

According to researchers at Israeli cybersecurity firm Check Point Research, the coronavirus-themed campaign targeted Japan, in malicious email attachments feigning to be sent by a Japanese disability welfare service provider.

The emails appear to be reporting where the infection is spreading in several Japanese cities, encouraging the victim to open the document which, if opened, attempts to download Emotet on their computer.

“Alongside the malicious coronavirus spam campaigns, which we expect to become even more widely spread over the coming days, our research shows there has also been a surge in scam websites using coronavirus in their domain names, allegedly selling vaccinations against the virus,” Venugopal N, Director-Security Engineering, Check Point Software Technologies, said in a statement.

The report also identified a malicious Lokibot sample — which is the eighth most popular malware this month — targeting Indonesia, with emails sent about how people in Indonesia can best protect themselves against the virus.

Matrix, Communication, Software, Pc, Virus, Computer
At a time when the deadly coronavirus is taking a toll on the tech industry with the Mobile World Congress (MWC) 2020 getting cancelled, a coronavirus-themed spam is spreading Emotet malware. Pixabay

Emotet is an advanced, self-propagating and modular Trojan.

It was originally a banking Trojan, but recently has been used as a distributor of other malware or malicious campaigns.

ALSO READ: New Malware Can Fake Incoming Calls to Steal Banking Details: Kaspersky

It uses multiple methods to maintain persistence and evasion techniques to avoid detection. It can also spread through phishing spam emails containing malicious attachments or links. (IANS)