Crimeware: Difference between revisions
m Reverted edits by 209.147.50.9 to last version by Trevor MacInnis (HG) |
|||
| Line 3: | Line 3: | ||
Crimeware (as distinct from [[spyware]], [[adware]], and [[malware]]) is designed (through [[Social engineering (computer security)|social engineering]] or technical stealth) to perpetrate [[identity theft]] in order to access a computer user's online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware. Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation. Crimeware represents a growing problem in [[network security]] as many malicious code threats seek to pilfer confidential information. |
Crimeware (as distinct from [[spyware]], [[adware]], and [[malware]]) is designed (through [[Social engineering (computer security)|social engineering]] or technical stealth) to perpetrate [[identity theft]] in order to access a computer user's online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware. Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation. Crimeware represents a growing problem in [[network security]] as many malicious code threats seek to pilfer confidential information. |
||
== Examples == |
|||
Cybercriminals use a variety of techniques to steal confidential data through crimeware, including through the following methods: |
|||
* Crimeware can surreptitiously install [[Keystroke logging|keystroke logger]]s to collect sensitive data—login and password information for online bank accounts, for example—and report them back to the thief.<ref>"Cyberthieves Silently Copy Your Password" ''The New York Times'', http://www.nytimes.com/2006/02/27/technology/27hack.html?ex=1163998800&en=5599d5982c64f082&ei=5070</ref> |
|||
* A crimeware program can also redirect a user's [[web browser]] to a counterfeit website controlled by the thief even when the user types the website's proper [[domain name]] in the [[address bar]]. |
|||
* Crimeware threats can steal [[passwords]] cached on a user's system. <ref name="Symantec">''Symantec Internet Security Report'', Vol. IX, March 2006, p. 71</ref> |
|||
* Crimeware can wait for the user to log into their account at a financial institution, then drain the account behind the scenes. |
|||
* Crimeware can enable remote access into applications, allowing hackers to break into networks for malicious purposes. |
|||
== Delivery vectors == |
== Delivery vectors == |
||
Revision as of 18:29, 20 October 2008
Crimeware is a class of malware designed specifically to automate financial crime. The term was coined by Peter Cassidy, Secretary General of the Anti-Phishing Working Group to distinguish it from other kinds of malevolent programs. [citation needed]
Crimeware (as distinct from spyware, adware, and malware) is designed (through social engineering or technical stealth) to perpetrate identity theft in order to access a computer user's online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorized transactions that enrich the thief controlling the crimeware. Crimeware also often has the intent to export confidential or sensitive information from a network for financial exploitation. Crimeware represents a growing problem in network security as many malicious code threats seek to pilfer confidential information.
Delivery vectors
Crimeware threats can be installed on victims' computers through a number of delivery vectors, including:
- Vulnerabilities in Web applications. The Bankash.G Trojan, for example, exploited an Internet Explorer vulnerability to steal passwords, monitor user input on webmail and online commerce sites. [1]
- Targeted attacks sent via SMTP. These social-engineered threats often arrive disguised as a valid e-mail messages and include specific company information and sender addresses. The malicious e-mails use social engineering to manipulate users to open the attachment and execute the payload.[2]
- Peer-to-peer file sharing networks can exploit open ports to install crimeware programs
Concerns
Crimeware can have a significant economic impact due to loss of sensitive and proprietary information, not to mention the associated financial losses. One survey estimates that organizations, in 2005, lost in excess of $30 million due to the theft of proprietary information.[3] Additionally, for businesses, the theft of financial or confidential information from corporate networks often places the organizations in violation of government and industry-imposed regulatory requirements that attempt to ensure that financial, personal, and confidential information is not altered or stolen by criminals. These laws and regulations include:
- Sarbanes-Oxley Act
- Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley Act
- Family Educational Rights and Privacy Act
- California Senate Bill 1386
- Payment Card Industry Data Security Standard
References
- ^ Cite error: The named reference
Symantecwas invoked but never defined (see the help page). - ^ "Protecting Corporate Assets from E-mail Crimeware," Avinti, Inc., p.1, http://www.avinti.com/download/market_background/whitepaper_email_crimeware_protection.pdf
- ^ CSI/FBI Computer Crime and Security Survey 2005, p.15