Welcome!

Cognitive Computing Authors: Elizabeth White, Liz McMillan, Yeshim Deniz, Shelly Palmer, Rajeev Kozhikkattuthodi

News Feed Item

Trusteer Research Identifies Five Most Dangerous Malware Trends for 2013

Trusteer, the leading provider of endpoint cybercrime prevention solutions, today released the Top Five Most Dangerous Malware Trends for 2013. According to Trusteer’s security research group the biggest threats facing financial institutions and enterprises next year will include attacks against the Google Chrome Browser, the emergence of native 64-bit Windows malware and crimeware that can detect and evade virtual machine, sandboxing, and other containment mechanisms. An infographic that summarizes the findings is available here.

Click to Tweet: @Trusteer releases top 5 most dangerous #malware trends for 2013 http://bit.ly/TAb3KO

“2012 was characterized by the increasing sophistication of malware’s ability to evade detection and the beginning of financial fraud platforms like Zeus, SpyEye and others crossing over to attack enterprise endpoints,” said Amit Klein, CTO of Trusteer and head of the company’s security research group. “We expect criminals to continue to innovate in 2013 and step up attacks against enterprises. Our researchers have identified evidence of what we believe will be the top five most dangerous trends in malware next year, including Google attacks, native 64-bit Windows malware and increasingly advanced evasion techniques.”

Five Most Dangerous Malware Trends of 2013

1) The emergence of malware targeting the Google Chrome browser

In 2012, Citadel and Zeus 2.1 (aka P2P Zeus, Gameover Zeus) began targeting Google Chrome with Man in the Browser (MitB) attacks.

Why it's dangerous: Google Chrome is no longer immune to MitB malware.

2) The emergence of native 64-bit Windows malware

In 2012, we began seeing financial malware developing native 64-bit Windows capabilities.

Why it's dangerous: 32-bit malware is handicapped when it runs on 64-bit machines. That’s because the 32-bit malware cannot see or penetrate the “native” 64-bit system processes it uses to evade detection. As malware variants start supporting 64-bit processes, they will once again be difficult to detect on 64-bit machines.

3) Detection-aware malware targeting enterprises

In 2012, both financial and non-financial malware variants were discovered that could detect virtualization, debugging, sandboxing and monitoring processes on the host machine. For example, a recent Shylock variant will not install when it detects a Remote Desktop session, most likely to avoid detection in a “lab” environment.

Why it's dangerous: These capabilities present a serious threat to virtual machine-based detection and protection products, since the malware would appear to be harmless to these security tools.

4) Big increase in new and modified financial malware families

In 2012, the number of completely new financial malware families almost doubled from three in 2011 to five in 2012. It’s important to note that many different configurations (variants) can exist within one malware family. We expect this trend to continue with even more new malware families introduced next year.

Why it's dangerous: More financial malware families mean more infections, longer detection times, and consequently more financial fraud incidents.

5) Malware lifecycle is accelerating

In 2012, the four phases of the malware lifecycle (incubation, outbreak, botnet and retirement) among the variants we investigated accelerated significantly compared to 2011. Because security products continue to improve detection, the window of opportunity for malware to remain undetected is decreasing. The incubation and outbreak phases decreased from one month or more in 2011 to approximately two weeks in 2012. We expect this time frame to shrink even further next year.

Why it's dangerous: The faster the malware lifecycle, the more difficult it is for security products to detect, block and remove malicious software. In an accelerated lifecycle environment, the fraud is already committed before traditional anti-virus/anti-malware products discover the malware.

About Trusteer

Boston-based Trusteer is the leading provider of endpoint cybercrime prevention solutions that protect organizations against financial fraud and data breaches. Hundreds of organizations and millions of end users rely on Trusteer to protect their computers and mobile devices from online threats that are invisible to legacy security solutions. Trusteer’s Cybercrime Prevention Architecture combines multi-layer security software with real-time threat intelligence to achieve sustainable protection against malware and phishing attacks and meet regulatory compliance requirements. Global organizations such as HSBC, Santander, The Royal Bank of Scotland, SunTrust and Fifth Third use Trusteer’s solutions and leading online banking providers such as First Data, Harland Financial Solutions, Intuit and S1 integrate with Trusteer to provide world-class protection for financial institutions of all sizes. www.trusteer.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
SYS-CON Events announced today that Yuasa System will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Yuasa System is introducing a multi-purpose endurance testing system for flexible displays, OLED devices, flexible substrates, flat cables, and films in smartphones, wearables, automobiles, and healthcare.
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
Organizations do not need a Big Data strategy; they need a business strategy that incorporates Big Data. Most organizations lack a road map for using Big Data to optimize key business processes, deliver a differentiated customer experience, or uncover new business opportunities. They do not understand what’s possible with respect to integrating Big Data into the business model.
Nordstrom is transforming the way that they do business and the cloud is the key to enabling speed and hyper personalized customer experiences. In his session at 21st Cloud Expo, Ken Schow, VP of Engineering at Nordstrom, will discuss some of the key learnings and common pitfalls of large enterprises moving to the cloud. This includes strategies around choosing a cloud provider(s), architecture, and lessons learned. In addition, he’ll go over some of the best practices for structured team migrat...
Coca-Cola’s Google powered digital signage system lays the groundwork for a more valuable connection between Coke and its customers. Digital signs pair software with high-resolution displays so that a message can be changed instantly based on what the operator wants to communicate or sell. In their Day 3 Keynote at 21st Cloud Expo, Greg Chambers, Global Group Director, Digital Innovation, Coca-Cola, and Vidya Nagarajan, a Senior Product Manager at Google, will discuss how from store operations...
Recently, REAN Cloud built a digital concierge for a North Carolina hospital that had observed that most patient call button questions were repetitive. In addition, the paper-based process used to measure patient health metrics was laborious, not in real-time and sometimes error-prone. In their session at 21st Cloud Expo, Sean Finnerty, Executive Director, Practice Lead, Health Care & Life Science at REAN Cloud, and Dr. S.P.T. Krishnan, Principal Architect at REAN Cloud, will discuss how they bu...
SYS-CON Events announced today that Dasher Technologies will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Dasher Technologies, Inc. ® is a premier IT solution provider that delivers expert technical resources along with trusted account executives to architect and deliver complete IT solutions and services to help our clients execute their goals, plans and objectives. Since 1999, we'v...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities – ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups. As a result, many firms employ new business models that place enormous impor...
SYS-CON Events announced today that TidalScale, a leading provider of systems and services, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. TidalScale has been involved in shaping the computing landscape. They've designed, developed and deployed some of the most important and successful systems and services in the history of the computing industry - internet, Ethernet, operating s...
SYS-CON Events announced today that Taica will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Taica manufacturers Alpha-GEL brand silicone components and materials, which maintain outstanding performance over a wide temperature range -40C to +200C. For more information, visit http://www.taica.co.jp/english/.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
As hybrid cloud becomes the de-facto standard mode of operation for most enterprises, new challenges arise on how to efficiently and economically share data across environments. In his session at 21st Cloud Expo, Dr. Allon Cohen, VP of Product at Elastifile, will explore new techniques and best practices that help enterprise IT benefit from the advantages of hybrid cloud environments by enabling data availability for both legacy enterprise and cloud-native mission critical applications. By rev...
SYS-CON Events announced today that Datera will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Datera offers a radically new approach to data management, where innovative software makes data infrastructure invisible, elastic and able to perform at the highest level. It eliminates hardware lock-in and gives IT organizations the choice to source x86 server nodes, with business model option...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
Infoblox delivers Actionable Network Intelligence to enterprise, government, and service provider customers around the world. They are the industry leader in DNS, DHCP, and IP address management, the category known as DDI. We empower thousands of organizations to control and secure their networks from the core-enabling them to increase efficiency and visibility, improve customer service, and meet compliance requirements.
Digital transformation is changing the face of business. The IDC predicts that enterprises will commit to a massive new scale of digital transformation, to stake out leadership positions in the "digital transformation economy." Accordingly, attendees at the upcoming Cloud Expo | @ThingsExpo at the Santa Clara Convention Center in Santa Clara, CA, Oct 31-Nov 2, will find fresh new content in a new track called Enterprise Cloud & Digital Transformation.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp emp...
Smart cities have the potential to change our lives at so many levels for citizens: less pollution, reduced parking obstacles, better health, education and more energy savings. Real-time data streaming and the Internet of Things (IoT) possess the power to turn this vision into a reality. However, most organizations today are building their data infrastructure to focus solely on addressing immediate business needs vs. a platform capable of quickly adapting emerging technologies to address future ...
SYS-CON Events announced today that Avere Systems, a leading provider of hybrid cloud enablement solutions, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Avere Systems was created by file systems experts determined to reinvent storage by changing the way enterprises thought about and bought storage resources. With decades of experience behind the company’s founders, Avere got its ...