Wednesday, 27 July 2022

Cybercrime Information Center's YouTube Channel

My colleagues and I at Interisle have created a YouTube channel to complement the quarterly reporting and studies of cybercrime we host at the Cybercrime Information Center. Our goal is to share, in a few minutes, the findings and insights from our research in a format that's easily accessible and shareable, informative, and entertaining.  

The inaugural videos provide 2-5 minute summaries of our annual Phishing and Malware Landscape studies.

We'll continue to produce videos of our annual studies.  If you like what you see, leave us a comment.

Posted at 10:56 AM in Anti-Malware and Anti-phishing, Domain names and DNS | | Comments (0)

Monday, 20 June 2022

Malware Landscape 2022: unabated malware growth, continued exploitation of IoT devices

My colleagues at Interisle and I have published a study, Malware Landscape 2022: A Study of the Scope and Distribution of Malware. The study, which analyzed 2.5 million records of distinct malware events from May 2021 to April 2022 collected by the Cybercrime Information Center, explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.

Among the major findings in the study, we report that:

  • The most frequently reported malware targets Internet of Things devices - surveillance cameras, sensors, or embedded technologies.
  • Asia-Pacific networks host most IoT malware. China, India, and Australia represent 81% of malware that targeted IoT devices.
  • Information stealers, ransomware, and backdoors are the most prevalent “endpoint” malware, i.e., malicious software that targets tablets, mobile phones, laptops, and PCs.
  • Networks in the United States and China host the most endpoint malware and 8 of the 10 registrars with the most malware domains reported are headquartered in North America.
  • Domains registered in the new Top-level Domains (TLDs) are disproportionately attractive to malware attackers. The new TLDs represent only 8% of the domain name registration market, but they contained 24% of reported malware domains. By contrast, the country code TLDs represent 39% of the market, but only 26% of the reported malware domains.

We also found that malware attackers have made effective use of cloud services, including file sharing services, code repositories, and storage services. While most uses of anonymous file sharing and code repositories are well-intentioned, malware attackers have used these services to distribute source code, attack code, and files containing compromised credentials or cryptographic keys.

For our malware studies we develop and maintain a taxonomy that is based a classification proposed by the Computer Antivirus Research Organization (CARO). Our taxonomy extends that original effort in the context of cybercrimes as defined in the Council of Europe’s Convention on Cybercrime.  

A summary of the study can be found at https://www.cybercrimeinfocenter.org/malware-landscape-2022.

 

Happy reading!

Posted at 10:38 AM in All matters security, Anti-Malware and Anti-phishing | | Comments (0)

« Previous | Next »
Find me on Mastodon and Facebook

Spotlight Posts

  • Cybercrime Information Center reports sharp increases in phishing attacks, unique domains reported in August-October 2022 time period
    A recent ebb in domain names reported for phishing created some euphoria in the domain industry. With phishing activity, as with tides, ebbs are invariably followed by flows. In their August- October 2022 Quarterly Phishing Activity, the Cybercrime Information Center observed a 40% increase in phishing attacks and a nearly 20% increase in unique domain names reported for phishing.
  • Cybercrime Information Center's YouTube Channel
    My colleagues and I at Interisle have created a YouTube channel to complement the quarterly reporting and studies of cybercrime we host at the Cybercrime Information Center. Our goal is to share, in a few minutes, the findings and insights from our research in a format that's easily accessible and shareable, informative, and entertaining. The inaugural videos provide 2-5 minute summaries of our annual Phishing and Malware Landscape studies. We'll continue to produce videos of our annual studies. If you like what you see, leave us a comment.
  • Malware Landscape 2022: unabated malware growth, continued exploitation of IoT devices
    My colleagues at Interisle and I have published a study, Malware Landscape 2022: A Study of the Scope and Distribution of Malware. The study, which analyzed 2.5 million records of distinct malware events from May 2021 to April 2022 collected by the Cybercrime Information Center, explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.
  • New TLDs are coming #Dangerclose.
    A Domain Name Wire post, Time to pay attention to the next round of new TLDs, begins with an ominous: They’re coming. Eventually. While not as dramatic or enduring as Arnold Schwarzenegger's "I'll be back", the reporter cites policy activity at ICANN as evidence that new TLDs are coming. Eventually. In a September 2019 post, and in response to the ICANN memorandum, Readiness to Support Future Rounds of New gTLDs, I asked, Has enough been done to study and rectify the concentration of security threats in the new TLD space? In that post, I quoted correspondence from ICANN's security advisory...
  • Economic impact payments (EIP) Phishing: US citizens under attack from US bases of phishing operations
    Dave Piscitello and Dr. Colin Strutt As part of the US Covid-19 virus tax relief effort (American Rescue Plan Act of 2021, H.R.1319), the US Internal Revenue Service (IRS) issued a series of Economic Impact Payments to millions of eligible citizens. The third payment was authorized in March 2021. Criminals took note of this well-publicized program and put a phishing campaign together to profit by stealing and subsequently exploiting personal information of US citizens. Like many phishing campaigns, EIP phishing emails and text messages mimic correspondence to convince US citizens to submit personal information or an advance fee payment at...

Search

My Photo

Categories