Fresh banking trojans as cybercriminals change tactics

The bi-annual report from M86 Security says that IT managers need to redouble their efforts to patch their IT systems, as next-generation malware is now on the way.

These new types of malware, says the company behind the report, are likely to include application code that takes advantage of social networking service users.

Bradley Anstis, M86 Security's vice president of technical strategy, said that the H2 2010 report shows that vulnerabilities already patched are continuing to be successfully used for malicious gain.

Organisations and individuals, he says, must get better at updating their applications and staying ahead of attacks on their devices and their networks.

"While the M86 Security Labs report notes that great strides are being made in thwarting cyber-criminal attempts, there is always something else coming through the back door", he noted.

Delving into the report shows that third-party phishing on the rise, largely as a result of cybercriminals realising that their malware is more effective if it piggybacks on users online banking sessions in real time.

In parallel with this, the report adds that email spam is declining, although it is a long way from being dead. During the second half of 2010, M86 Security says that spam was at the lowest levels seen since November 2008, largely owing to the rogue hosting provider McColo being taken offline.

One interesting feature of the latest malware trends highlighted in the report is the arrival of large volumes of exploit kits with virus scanners, along with social networking attacks.

As previously reported by M86, the popularity of exploit kits is on the rise. The newest trend, says the report, is that more kits are offering services to their customers, so turning them into more of a 'one stop shop' for cybercriminals

What’s hot on Infosecurity Magazine?