Tuesday 11 March 2014

McAfee: POS malware can be ordered online threats jumped 197% issued report


Sellers offer BlackPOS (“Dump, CC Memory Grabber”) for purchase online.


Online marketplaces for stolen credit card numbers are thriving.

McAfee report released 2013 Q4 mobile platform malware threats jumped 197%

2013 fourth quarter, Target and other well-known retailers, consumer credit card information was leaked events, and McAfee's 2013 Q4 report that the malware used by attackers, is derived from 'cyber crime as a Service' ( Cybercrime-as-a-Service) communities.

In addition, McAfee also updated the malware data mobile platform - the company's called "Malware Zoo". Compared to last year, the situation did not diminish - soared 197%.

As ever (probably) the largest credit card information leak case together, despite its place in the point of sale POS system, but the company for the conclusion of the event, but it paints a depressing picture.

Vincent Weafer (McAfee Labs), senior vice president of McAfee Labs wrote: "What is more worrying is that the malicious software industry is how their customer service."

After buying a ready-made version of the POS network malware (Target's case, this stock is called BlackPOS), hackers also specifically modified it for their own use.

The McAfee After working with different organizations to extract and identify different data (domain name and user accounts, etc.), and returns the data to the hacker's code (as shown below).

The Target malware included hardcoded scripts to steal domain names, user accounts, and other data


Vincent Weafer added: "They even had a ready-made, highly efficient black market to sell stolen credit card information, and even includes an anonymous virtual currency payment system based POS raw materials, manufacturing, marketing, trading support - nothing is there. "

McAfee expects these stolen credit card data (reported 40 million), in Lampeduza Republic and other black market price, between one million to four million U.S. dollars.

McAfee's report, there are many noteworthy:

For example, malicious binary signature rise. McAfee said the distribution of content on the network, the "ambiguous" (dubious) more and more. CA certificate malware abuse cases are also quite common.

2013 fourth quarter, the company found that the more than 2.3 million malicious binaries signed, an increase of 52% over the third quarter. The amount of 2013 year was 5.7 million, which is already three times in 2012 and more.

McAfee wrote: "This threat is not only the proliferation of faster, are becoming increasingly complex."

As for the mobile platform, the number of malicious software also continues to climb. Total 2013 collected has reached 2.47 million, of which there are 744000 in the fourth quarter - an increase of 197 percent from a year ago.

McAfee did not pick out a platform, but given Android is already the world's most popular smartphone platform, these words are clearly not self evident.

McAfee noted that malware mobile platform, its mode of transmission and computer platforms roughly the same - be infected through the application, or web browsing. 2013, when the company tracked 200 new malware samples per minute.

Distribution, North America still "tops the list." Although the "hacker hotbed" "is on the rise in other countries and regions," but suspicious content and spam links to the United States is still "excellent."

Overall, the browser is still the most common malicious hacker attacks approaches.

This script sent credit card data to the Target attackers.
MtGox2014 Zip Contains One Malware: TibanneBackOffice.exe
MD5:c4e99fdcd40bee6eb6ce85167969348d
Virus Total Link
Detail from McAfee Report is available: Here

1 comment: