Script kiddies on the offensive
Wednesday, January 30, 2019
Here are some interesting statistics we'd like you to know about:
CyberEdge Group conducted a survey involving over 1,200 IT decision makers and professionals from 17 countries in order to determine the most effective course of action for encryption ransomware victims.
The study showed that over 55% of the organisations came under ransomware attacks, and 61.3% of them never paid the ransom. As many as 53.3% of those who refused to pay were able to recover their compromised data.
Only 38.7% of the companies did pay, and less than half of those (19.1%) were provided with decryption tools by the criminals. The remaining 19.6% lost their money as well as their information.
There are quite a few stories about honourable and responsible attackers who reduce the decryption ransom amount and even set up their own help desks. But the unbiased statistics show that few victims are actually able to get criminals' help in restoring their data. In a way, it's like heads or tails. Pay the ransom (it can be rather big!) and flip a coin: they will either send you the decryption key or they won't.
What does this mean? At the very least that cybercriminals can't be trusted. They don't care about their reputation, they’re just making money. And it also demonstrates how competent they are—many of them simply can't create data-recovery tools.
And these script kiddies will keep multiplying, while the cost of an attack will keep approaching zero:
- Mounting a DDoS attack will cost $10 per hour or $200 per day. For the attack to persist for an entire week, one will have to pay $500-$1,200.
- A banking botnet can be rented for $750 per month (basic features) or $1,200 (all available features). To get support, one will have to pay another $150.
- Exploit kits are still expensive: renting Disdain will cost $1,400 per month, while more sophisticated software, such as Stegano, is being offered for $15,000 per month.
- ATM skimmers are sold for $700-$1,500 per item.
- The prices for malware capable of compromising specific applications, solutions, and platforms can vary greatly: $50 for a password-stealing program and $100 for a WordPress exploit, up to $1,500 for an Android downloader, or $650–$1,000 for a kit to build Microsoft Office exploits.
Hacking manuals and tutorials are also for sale: prices run from $5 to $50.
That is, training fees start at $5, and it only costs 10 bucks to bring down a competitor's site for one hour. You will probably agree that the prices are quite reasonable.
Of course, numerous reports about millions of dollars being stolen from compromised accounts have created quite a reputation for banking Trojans. However, common malicious programs for Android (whose security leaves much to be desired) are cheap compared to how much a hacker can make.
According to Google's analysts, malicious programs infiltrating Google Play usually mimic other popular applications. Attackers often resort to IDN homograph attacks to deceive users and make them think that they are downloading legitimate programs. Even application titles can appear to be the same.
Over 700,000 malicious applications were removed from the catalogue during the year, and over 100,000 accounts belonging to unscrupulous developers were blocked. These figures are almost 70% higher than those for 2016.
Overall, more than 25,000 fake applications were deleted.
All in all, 700,000 Trojans and over 100,000 cybercriminals, and a 70% increase in the number of malicious programs on Google Play! And the application portal is being advertised as a secure source for downloading software. "Always install applications from the store". Well…
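The lookalike application titles described above can be screened for on the defender's side. The sketch below is an added example, not code from Google or from the original article: the function names, the small `CONFUSABLES` map and the sample titles are all constructed for illustration.

```python
import unicodedata

# Constructed, deliberately small lookalike map (assumption: a production
# check would load the full Unicode confusables data instead).
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",  # Cyrillic
    "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i",  # Cyrillic
    "\u0455": "s",                                               # Cyrillic
    "\u03bf": "o", "\u03b1": "a", "\u03c1": "p",                 # Greek
})

def scripts(text):
    """Return the set of scripts used by the letters in text."""
    found = set()
    for ch in text:
        if ch.isalpha():
            # First word of the Unicode name is the script for these letters,
            # e.g. 'CYRILLIC SMALL LETTER A' -> 'CYRILLIC'.
            found.add(unicodedata.name(ch, "UNKNOWN").split()[0])
    return found

def skeleton(text):
    """Comparison key: NFKC, drop invisible format characters, case-fold,
    map lookalike letters to Latin, collapse whitespace."""
    text = unicodedata.normalize("NFKC", text)
    text = "".join(ch for ch in text if unicodedata.category(ch) != "Cf")
    return " ".join(text.casefold().translate(CONFUSABLES).split())

def check_title(title, known_titles):
    """Return (verdict, matched known title or None) for a submitted title."""
    index = {skeleton(k): k for k in known_titles}
    match = index.get(skeleton(title))
    if match is not None and title != match:
        return ("lookalike", match)      # renders like a known title, differs in code points
    if len(scripts(title)) > 1:
        return ("mixed-script", None)    # triage signal, not proof of abuse
    return ("ok", match)

if __name__ == "__main__":
    known = ["Example Chat", "Sample Pay"]            # constructed catalogue
    for t in ["Example Chat", "Ex\u0430mple Chat",    # constructed submissions
              "Example\u200b Chat", "Sample P\u0430y Pro"]:
        print(ascii(t), check_title(t, known))
```

A mixed-script verdict also fires on legitimate bilingual titles, so it is best used to queue a title for review rather than to reject it outright.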
You don't need to talk to a fortune teller to understand that the trend will persist in 2019. And things are getting even worse because, in the past year, virus makers have been perfecting their techniques and toolkits, while media-fuelled paranoia has driven everyone to use secure communication channels.
According to Firefox Telemetry, the share of HTTPS requests is currently reaching 69.6% of the total.
In other words, a major portion of traffic can't be checked. That's where malicious scripts run uncontested in browsers!
The Anti-virus Times recommends
In 2019, our developers promise to equip Dr.Web with new security features! We can’t wait!