Cybercriminals using legitimate sites to launch attacks: Websense

Cybercriminals continue to evolve their attack planning and execution to stay ahead of most existing security measures.

Published Date
08 - Apr - 2014
| Last Updated
08 - Apr - 2014
 
Cybercriminals using legitimate sites to launch attacks: Websense

The 2014 report from Websense Security Labs, a US computer security software company has found that 85 percent of malicious links used in web attacks are located on compromised legitimate websites. The firm says that the websites classified as business and economy, information technology, shopping and travel constituted the top ten compromised sites in its list.

The firm's security researchers analyzed the seven threat stages of advanced attacks including the modification and repurposing of existing malware source code. 30 percent of the malicious executable files sampled included custom encryption of command and control communication which is also called data exfiltration.

The report found that the average number of website redirects user per attack in 203 was four, while the maximum number of redirects used in a documented attack was 20.

Vice President of security research at Websense, Charles Renert said, "While the determined, persistent attackers continue to have success in advanced, strategic attacks using zero-day exploits and advanced malware, there has also been a boom in cyber criminal activity on a massive scale." He added that cybercriminals continued to evolve their attack planning and execution to stay ahead of most existing security measures.

The firm found that the Zeus malware dramatically increased in use as it was repurposed for other vertical markets. The malware was originally designed as a financial threat and keylogging Trojan. The report adds that during the past year, the government and communications industries joined financial firms among the top five verticals targeted with Zeus malware.

India was the third most attacked country by Zeus malware.

Source: CSO