“Crimeware” is the latest label given to the technology toolkit criminals (and wanna-be kiddies) use to get information on Internet users’ identities for fraudulent purposes — or just for fun and the 15 minutes of fame in the case of kiddies.
A report by the Anti-Phishing Working Group (download link) lists common penetration mechanisms:
- Attachments sent via email or instant message – or in apparently discarded hardware devices such as USB keys;
- Piggybacking schemes in which crimeware is embedded into another piece of software such as an apparent shareware application;
- Internet Worms that exploit vulnerabilities within networks and PCs to propagate themselves and install back doors and other crimeware;
- Web Browser Exploits in which browser vulnerabilities are leveraged to directly infect PCs from the compromised server by the pages being viewed or by injecting crimeware code remotely via scripting exploits into the PC;
- Distribution via Hacking in which crimeware is installed manually by hackers who have discovered or exploited vulnerabilities that give them access and control of a PC;
- Distribution via Affiliate Marketing in which marketing programs provide incentives to 1) install malware on visitors’ PCs, some of which can be later exploited to plant crimeware or 2) to directly install crimeware on visitors’ PCs.
While none of this sounds really new, the report takes a truly nice textbook approach to explaining how these attacks work, backed up with some nice statistics, too. It makes a good read for people with an intermediate knowledge of Internet technology, and it provides ideas for countermeasures against the featured modes of attack.
Download, read, enact, … and distribute.