Welcome!

Cognitive Computing Authors: Yeshim Deniz, Pat Romanski, Liz McMillan, Elizabeth White, Zakia Bouachraoui

News Feed Item

Trusteer Research Identifies Five Most Dangerous Malware Trends for 2013

Trusteer, the leading provider of endpoint cybercrime prevention solutions, today released the Top Five Most Dangerous Malware Trends for 2013. According to Trusteer’s security research group the biggest threats facing financial institutions and enterprises next year will include attacks against the Google Chrome Browser, the emergence of native 64-bit Windows malware and crimeware that can detect and evade virtual machine, sandboxing, and other containment mechanisms. An infographic that summarizes the findings is available here.

Click to Tweet: @Trusteer releases top 5 most dangerous #malware trends for 2013 http://bit.ly/TAb3KO

“2012 was characterized by the increasing sophistication of malware’s ability to evade detection and the beginning of financial fraud platforms like Zeus, SpyEye and others crossing over to attack enterprise endpoints,” said Amit Klein, CTO of Trusteer and head of the company’s security research group. “We expect criminals to continue to innovate in 2013 and step up attacks against enterprises. Our researchers have identified evidence of what we believe will be the top five most dangerous trends in malware next year, including Google attacks, native 64-bit Windows malware and increasingly advanced evasion techniques.”

Five Most Dangerous Malware Trends of 2013

1) The emergence of malware targeting the Google Chrome browser

In 2012, Citadel and Zeus 2.1 (aka P2P Zeus, Gameover Zeus) began targeting Google Chrome with Man in the Browser (MitB) attacks.

Why it's dangerous: Google Chrome is no longer immune to MitB malware.

2) The emergence of native 64-bit Windows malware

In 2012, we began seeing financial malware developing native 64-bit Windows capabilities.

Why it's dangerous: 32-bit malware is handicapped when it runs on 64-bit machines. That’s because the 32-bit malware cannot see or penetrate the “native” 64-bit system processes it uses to evade detection. As malware variants start supporting 64-bit processes, they will once again be difficult to detect on 64-bit machines.

3) Detection-aware malware targeting enterprises

In 2012, both financial and non-financial malware variants were discovered that could detect virtualization, debugging, sandboxing and monitoring processes on the host machine. For example, a recent Shylock variant will not install when it detects a Remote Desktop session, most likely to avoid detection in a “lab” environment.

Why it's dangerous: These capabilities present a serious threat to virtual machine-based detection and protection products, since the malware would appear to be harmless to these security tools.

4) Big increase in new and modified financial malware families

In 2012, the number of completely new financial malware families almost doubled from three in 2011 to five in 2012. It’s important to note that many different configurations (variants) can exist within one malware family. We expect this trend to continue with even more new malware families introduced next year.

Why it's dangerous: More financial malware families mean more infections, longer detection times, and consequently more financial fraud incidents.

5) Malware lifecycle is accelerating

In 2012, the four phases of the malware lifecycle (incubation, outbreak, botnet and retirement) among the variants we investigated accelerated significantly compared to 2011. Because security products continue to improve detection, the window of opportunity for malware to remain undetected is decreasing. The incubation and outbreak phases decreased from one month or more in 2011 to approximately two weeks in 2012. We expect this time frame to shrink even further next year.

Why it's dangerous: The faster the malware lifecycle, the more difficult it is for security products to detect, block and remove malicious software. In an accelerated lifecycle environment, the fraud is already committed before traditional anti-virus/anti-malware products discover the malware.

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial fraud and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect their computers and mobile devices from online threats that are invisible to legacy security solutions. Trusteer’s Cybercrime Prevention Architecture combines multi-layer security software with real-time threat intelligence to achieve sustainable protection against malware and phishing attacks and meet regulatory compliance requirements. Global organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third use Trusteer’s solutions and leading online banking providers such as First Data, Harland Financial Solutions, Intuit and S1 integrate with Trusteer to provide world-class protection for financial institutions of all sizes. www.trusteer.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
A valuable conference experience generates new contacts, sales leads, potential strategic partners and potential investors; helps gather competitive intelligence and even provides inspiration for new products and services. Conference Guru works with conference organizers to pass great deals to great conferences, helping you discover new conferences and increase your return on investment.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sp...
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. The IoT Global Network is a platform where you can connect with industry experts and network across the IoT community to build the successful IoT business of the future.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...