2012-10-24

- AVG’s latest Threat Report reveals how cybercriminals are developing new monetization methods -

AMSTERDAM & SAN FRANCISCO--(BUSINESS WIRE)--AVG Technologies, the provider of Internet and mobile security to 128 million active users, today released its Q3 2012 Community Powered Threat Report. This quarter’s report investigates a number of malicious software developments including the newly launched 2.0 version of the Blackhole Exploit Toolkit, the evolution in malware targeting mobile banking services, a surge in malicious ads targeting social network users and a trick to hide malware inside image files.

“Through our multi-layered security approach with real-time analysis at the endpoint, AVG has been detecting a much higher rate of Blackhole Toolkit-based attacks than other toolkits, as Blackhole’s creator seeks to stay ahead of their competition.”
Blackhole Exploit Toolkit 2.0

‘Commercial’ toolkit, Blackhole, continues to lead with 63 percent malware market share and almost 76 percent share of the toolkits market. With the ‘release’ of the Blackhole Exploit Toolkit 2.0 in September, it has increased its threat capabilities significantly and is set to grow its market share and impact even further. We can expect to see an upsurge in large scale attacks that will likely be more aggressive as a result of the new evasion techniques introduced in this latest version.

Prior to this in August, AVG Threat Labs identified an explosion of Blackhole attacks that targeted key social networks including Facebook and left users unable to log-on to their accounts or access any games or apps. Cybercriminals coordinated the attacks from multiple external advertising servers, which generated an exceptional increase from 250,000 attacks initially to over 1.6m recorded events within an eight hour period.

“Blackhole is a sophisticated and powerful exploit kit, mainly because it is polymorphic and its code is heavily obfuscated to evade detection by anti-virus solutions. The rapid update capabilities of the kit have also made it challenging for traditional antivirus vendors to track, which are the main reasons it has a high success rate,” said Yuval Ben-Itzhak, Chief Technology Officer at AVG Technologies. “Through our multi-layered security approach with real-time analysis at the endpoint, AVG has been detecting a much higher rate of Blackhole Toolkit-based attacks than other toolkits, as Blackhole’s creator seeks to stay ahead of their competition.”

Mobile banking attacks engineered with Zeus-in-the-Mobile

With the continued rapid uptake of mobile devices, mobile banking services come under the spotlight this quarter as an increasingly lucrative target for cybercriminals. ‘Traditional’ mobile monetization methods help criminals steal small amounts per victim to stay unnoticed. With these more advanced malware, which circumvents the two-factor authentication process some banks use, criminals can empty a victim’s bank account in one go. A 2012 PriceWaterhouseCoopers’ report projected that digital banking would become the norm globally by 2015, so these attacks can only be expected to become increasingly advanced and more prevalent.

Hiding malware in image files

Image files are typically considered safe as they aren’t executed. However, AVG has tracked a new attack looking at how a compromised webserver can be made to execute image files. Innocent looking image files can then be used to deliver malicious payload to unsuspecting visitors to the compromised website.

To download the full Q3 2012 Community Powered Threat Report, please visit: http://mediacenter.avg.com/en/press-tools/avg-threat-reports/avg-community-powered-threat-report-q3-2012.html

Keep up to date with our regular threat bulletins on the AVG News & Threats blog.

About the report

The AVG Community Protection Network is an online neighborhood watch, where community members work to protect each other. Information about the latest threats is collected from customers who participate in the product improvement program and shared with the community to make sure everyone receives the best possible protection.

The AVG Community Powered Threat Report is based on the Community Protection Network traffic and data collected from participating AVG users over a three-month period, followed by analysis by AVG. It provides an overview of web, mobile devices, spam risks and threats. All statistics referenced are obtained from the AVG Community Protection Network.

AVG has focused on building communities that help millions of online participants support each other on computer security issues and actively contribute to AVG’s research efforts.

Visit the AVG Media Center for the full Q3 Threat Report and previous reports at: mediacenter.avg.com

About AVG Technologies

AVG's mission is to simplify, optimize and secure the Internet experience, providing peace of mind to a connected world. AVG's powerful yet easy-to-use software and online services put users in control of their Internet experience. By choosing AVG's software and services, users become part of a trusted global community that benefits from inherent network effects, mutual protection and support. AVG has grown its user base to 128 million active users as of June 30, 2012 and offers a product portfolio that targets the consumer and small business markets and includes Internet security, PC performance optimization, online backup, mobile security, identity protection and family safety software.
www.avg.com

Keep in touch with AVG

For breaking news, follow AVG on Twitter at www.twitter.com/officialAVGnews
For small business security trends analysis, follow the AVG small business blog at small-business.blog.avg.com
Join our Facebook community at www.facebook.com/AVGfree
Join our LinkedIn community www.linkedin.com/groups?gid=2719797
Contacts

United Kingdom:
MSLGROUP for AVG
Lennard van Otterloo, + 44 (0)20 7878 3210
Lennard.vanotterloo@mslgroup.com
or
United States:
Finn Partners for AVG
Jeff Seedman, + 1 (415) 249-6763
seedmanj@ruderfinn.com
or
Investor Relations:
AVG Technologies
Anne Marie McCauley
AnneMarie.McCauley@avg.com

Show more