F-Secure Labs Security Review 2010, Part 2
Helsinki, Finland – October 12, 2010: Highlights in the F-Secure Labs Security Review for the period June-September 2010 include spam attacks on social networks, the Stuxnet worm targeting industrial systems, the danger of a global worm outbreak on iOS, and a major banking fraud case in the UK. For the full Security Review, see http://www.f-secure.com/en_EMEA/security/security-threats/threat-summaries/2010.html.
Spam in Social Networks
Social networks are being targeted by more spam and malware than ever before. Websites like Facebook and Twitter are attractive to malware writers because they spread information quickly, but this also means that Twitter and Facebook users can stop the spread of malware faster than before.
Sean Sullivan, Security Advisor at F-Secure, says, “Social networks have built-in antibodies – their users. Whereas the malicious attacks of yesteryear took weeks or even months to develop, the recent Twitter attacks peaked and ebbed in just two and a half hours.” A video with Sean Sullivan and Mikko Hypponen on spam 2.0 is available at YouTube.
Stuxnet targets industrial infrastructure
The highly complex Stuxnet Windows worm, discovered in June 2010, is the first malware to target specific industrial systems. It spreads via USB sticks and, once it is inside an organization, can also spread by copying itself to network shares that have weak passwords. After infecting the system, Stuxnet hides itself with a rootkit and checks if the infected computer is connected to a Siemens Simatic (Step7) factory system. Stuxnet can make complex modifications to the system.
Stuxnet has infected hundreds of thousands of computers around the world, but the large number of infections in Iran has led to speculation that it was designed by a government trying to sabotage Iran’s nuclear program. Read F-Secure’s Q&A about Stuxnet: http://www.f-secure.com/weblog/archives/00002040.html
Mobile security developments
The biggest security story on the mobile front has been the jailbreakme.com website, which made it possible to jailbreak an iPhone, iPad or iPod Touch simply by visiting the website with the device. Jailbreakme.com used an exploit to execute code on the device. Mikko Hypponen, Chief Research Officer at F-Secure, says, “Anyone could have used the same vulnerability to execute malicious code on iPhones and iPads, which could have resulted in the first global mobile worm outbreak. Luckily this did not happen and Apple released a new version of iOS to patch the vulnerability on most of their platforms.”
Since 2004 there have only been 517 families of mobile viruses, worms and trojans. Some mobile malware authors have now made money, so F-Secure expects to see a lot more activity in this area. See Mikko Hypponen’s video about the latest mobile malware attacks at YouTube.
Charges in major banking fraud case in the UK
In September 2010, a police investigation into the theft of at least £6m from online bank accounts resulted in more than 100 arrests globally and charges against ten people for conspiracy to defraud and money laundering. The people are accused of using the Zeus trojan to get access to the online banking login details of at least 600 accounts with HSBC, the Royal Bank of Scotland, Barclays Bank and Lloyds TSB. By infecting weakly protected computers, the gang was able to steal the online credentials and manipulate the web browsing sessions of their victims by creating an additional page that requested passwords, PIN and card numbers. Read more about the case at http://www.f-secure.com/weblog/archives/00002037.html
F-Secure – Protecting the irreplaceable
While you concentrate on what is important to you, we make sure you are protected and safe online whether you are using a computer or a smartphone. We also back up and enable you to share your important files. Our services are available through over 200 operators around the world and trusted in millions of homes and businesses. Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.