Cybercriminals Lurk In Dark Corners Of Trusted Web Sites - InformationWeek
IoT
IoT
Software // Enterprise Applications
News
9/18/2007
09:56 AM
50%
50%
RELATED EVENTS
Faster, More Effective Response With Threat Intelligence & Orchestration Playboo
Aug 31, 2017
Finding ways to increase speed, accuracy, and efficiency when responding to threats should be the ...Read More>>

Cybercriminals Lurk In Dark Corners Of Trusted Web Sites

Think you're safe on your favorite Web site? You might want to think again. Symantec reports cybercriminals are increasingly exploiting them to target trusting users.

Like animal predators lying in wait for their prey to come to them, cybercriminals are increasingly exploiting trusted environments to target their victims.

That's the word from Symantec's latest Internet Security Threat Report, which was released this week. The report shows that between Jan. 1 and June 30, Symantec found attackers increasingly targeting victims by exploiting vulnerabilities in trusted environments, such as popular financial, social networking, and career recruitment Web sites.

Symantec also reported that 61% of all vulnerabilities disclosed were in Web applications. Once a trusted Web site has been compromised, criminals can use it as a base for distributing malicious code to users visiting the site.

Just last week, hackers attacked the Web site for the U.S. Consulate in Russia, planting malicious code that would infect visitors. And several weeks before that, hackers stole more than a million pieces of information on people using two online job sites that ran a fraudulent ad infected with the Prg Trojan.

"This attack method allows cybercriminals to wait for their victims to come to them versus actively seeking out targets," researchers noted in the Threat Report. "Social networking Web sites are particularly valuable to attackers since they provide access to a large number of people, many of whom trust the site and its security. These Web sites can also expose a lot of confidential user information that can then be used in attempts to conduct identity theft, online fraud, or to provide access to other Web sites from which attackers can deploy further attacks."

The threat report also noted that cybercriminals are continuing to become more professional -- even commercializing their efforts. They're taking a business approach to the development, distribution, and use of malicious code.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
[Interop ITX 2017] State Of DevOps Report
[Interop ITX 2017] State Of DevOps Report
The DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll