the-frontline

Microsoft's Trustworthy Computing tour: Europe's booming cybercrime business

  • Tweet this

Concept image representing virus malware

At the start of June V3 was in Helsinki to learn about the biggest security threats facing the world from renowned F-Secure security chief Mikko Hypponen.

During our visit we heard about several interesting areas of concern, including the big bad Flame malware, but also several older existing threats like the BlackHole automated attack kit and the alarming extend to which these threats are growing.

Now, V3 is in Seattle to hear from Microsoft's Trustworthy Computing (TwC) division experts and gather their thoughts on the situation and they have pointed out many of the same issues as Hypponen, giving businesses plenty of food for thought.

Trojans at the gates
Speaking to TwC director Tim Rains we learned that there's been a dramatic increase in the number of Trojans targeting European banks.

While we're not surprised that there's been an increase, after all pretty much every security expert under the sun has reported a global boom, we were surprised just how big the European growth has been, and where it's coming from.

While no one will really be surprised that Romania saw the biggest threat boom - after all Eastern Europe is known as a cyber criminal hotbed - the most disturbing thing we learned is that some countries which are traditionally "safe" have become Trojan hotspots.

For example, Germany, once a hallmark of solid cyber security, is now threatened by so many banking Trojans it faces more threats than the US - traditionally the most targeted country in the word.

The worst offender is called EyeStye. EyeStye is a particularly nasty banking Trojan related to Zeus, and that, like Blackhole, can be bought as a malware kit over certain online black markets.

According to Rains, Microsoft detected more than double yethe number of SypEye attacks in Germany than in the US during 2011.

The company also reported detecting similar spikes in other traditionally "safe" areas such as Italy and Austria.

Malware supermarkets
Rains also reiterated Hypponen's view that cyber criminals are evolving and becoming more organised, creating surprisingly efficient new business models.

This was demonstrated by the number of "kit" malwares being uncovered in Europe, with EyeStye, Blackhole and Zbot were consistently mentioned.

All these Trojans are available for purchase online as kits that can be set up mount automated attacks fairly easily - meaning you no longer have to be a computer genius to be a cyber criminal.

Considering these kits are available for as little as $5,000 on the Tor network - a network favoured by criminals as it works to stop its users being tracked - and can quickly turn around profits as much as 20 times that if set up correctly, it's never been rocket science why poorer economies use these kits.

What's disturbing us is the unexpected shift to traditionally "clean" areas like Germany and the lack of clarity even amongst professionals as to why this is.

Has Europe's tightening purse strings caused computer savvy youths to turn to cyber crime? Are malware kits' rock bottom prices proving too good a deal to resist? We don't know, but whatever the answer the change is concerning.

20 Jun 2012

What do you think?
blog comments powered by Disqus
To send to more than one email address, simply separate each address with a comma.