Crimeware

Cybercrime is a quickly expanding, global industry operating in a major shadow economy that closely mimics the real business world, including profit-driven organized cybercrime. Money is the driving force behind the increase in targeted attacks against financial institutions, enterprises and government agencies.

During the last few years, there has been a significant rise in attempted and successful data breaches, focused on stealing valuable data that can be used or traded for profit. Financial and healthcare related information, single sign-on login credentials for organizations, and email exchanges are prime targets.

The cybercrime evolution is quite spectacular.

• The first phase consisted of the commercialization of malicious code (2006)
• It was followed by the use of code obfuscation as a means to bypass traditional signature-based solutions in order to propagate malicious code. (2006)
• The next stage was the introduction of evasive attacks, designed to evade anti-virus or the URL filtering solutions (2007)
• Cybercriminals then started to use Crimeware-as-a-Service to enhance their operations (2008)
• Cybercriminals started copying the structure and modus operandi of organized crime syndicates (2008)
• Malicious obfuscated code remains a favorite crime tool, and is now not only embedded in standalone or embedded scripts in HTML webpages, but also in rich-content files (2008)
• Rogueware affiliate networks started to use SEO techniques to distribute their rogue Anti-Virus Software for profit. Typos and misspelled keywords (such as "obbama" and "liscense") as well as trendy keywords taken from Google Trends system were abused to show compromised websites as top search results. (2009)
• A new cybercrime milestone was reached with the operations of an advanced trading network and botnet where compromised PCs are bought and sold for profit. (2009)
• Cybercriminals targeting online bank customers introduced an "Anti anti-fraud" method to minimize detection by the anti-fraud systems used by banks. They used a combination of Trojans and money mules. (2009)

M86's Web security solutions have evolved with the threat of cybercrime. Our products check for and stop crimeware at the network gateway — protecting users and confidential data.