The week in security: Linux Trojan bows as industrious cybercrims abound

Concerned about your anonymity online? All you have to do is stop using Windows – and disable JavaScript – according to the authors of the TOR Project, whose protections are apparently undermined by a newfound Firefox vulnerability.

Also undermined were the Lavabit and Silent Circle anonymous email services, felled by legal battles (Lavabit was the service used by infamous NSA leaker Edward Snowden). Lavabit’s founder later expanded on the reasons why, which are attributed to increased pressure by US authorities under national-security provisions.

The FBI has taken its own stab at anonymity with a new one-way portal for reporting cyber crime, called iGuardian. Crime-fighters are also dealing with the need for new strategies in unstructured data analysis, as well as a need to face new realities as one company’s audit figures suggest 63 per cent of organisations already have malware running on their networks.

The US government is considering a range of options to incentivise better cybersecurity, with work commencing on a cybersecurity framework due early in 2014. The government may also want to consider how to maximise its culture of openness, as estimates suggest it could lose $35 billion in business revenue to overseas companies following exposure of its NSA surveillance programs.

One survey of malicious online activity found that phishing attacks are dropping as cybercriminals shift their server resources to running distributed denial of service (DDoS) attacks.

However, DDoS isn’t the only growth area in the cybercriminal arena: malware-as-a-service offerings are, according to one study, blossoming in Russia – which is also becoming a haven for toll fraud and malware ‘startups’ including a resourceful firm charging $US1000 ($A2190) for the new Linux-based ‘Hand of Thief’ Trojan.

Russia isn’t the only country fostering a new breed of malware architects: Latvia’s foreign minister has complained about US attempts to extradite an alleged author of the Gozi data-stealing Trojan. Also on the international front, the Serious Fraud Office was in damage-control mode after and 81 tapes that formed part of a Saudi Arabian arms case. Also on the ‘oops’ front, the Bank of Scotland was hit with a £75,000 ($110,000) fine after it was found to be repeatedly faxing customers’ details to the wrong people.

Bank of Scotland may be giving away customers’ personal information, but Australian customers are the third most-susceptible in the world to doing the same on their own after a Trend Micro survey found near world-leading rates of banking malware infection. Blogs and other content-management sites were being targeted by password thieves, while content-management interests were drumming up support for a movement to do away with CAPTCHA user-authentication dialogues.

Others were exploring the possibilities of a new scheme for tracing the origin of spam text messages, while UK PM David Cameron was pushing for boycotts of troll-hosting social networks as well as attracting derision from Wikipedia founder Jimmy Wales about Cameron’s plans to introduce default pornography filters to all UK services.

Some were asking whether US and other governments’ bans on Lenovo equipment – found to have firmware backdoors – should be duplicated by private companies. Interestingly enough, nobody was asking the same question about Google’s phones, which became easier to track after Google began rolling out its Android Device Manager. Google was, however, copping heat over the fact that the company’s Chrome Web browser can reveal saved passwords to anyone that uses your computer.

There was some good news in amongst all this trouble: cybersecurity professionals are among the most sought-after in the IT sector. Meanwhile, hackers at three US security conferences were talking not only about code-based penetration but the nuances of social engineering. Other interesting demonstrations included a researcher who used JavaScript to build a distributed, secure file system that functions as a botnet.

What could possibly go wrong?
