Menu
Cybercriminals use legitimate sites to launch attacks: Websense

Cybercriminals use legitimate sites to launch attacks: Websense

Report finds 85 per cent of malicious links in web or email attacks on legitimate websites

Cybercriminals are overwhelmingly using legitimate compromised websites to launch web or email attacks, according to the Websense Security Labs 2014 Threat report.

The report found 85 per cent of malicious links used in web or email attacks were located on compromised legitimate websites and details the growing global criminal-infrastructure-as-a-service economy through exploit kits and redirection chains.

Through an analysis of the latest attack methodology, Websense security researchers analyse the seven threat stages of advanced attacks. In addition, outcomes include the modification and repurposing of existing malware source code.

The report also found the average number of website redirects user per attack in 203 was four, while the maximum number of redirects used in a documented attack was 20.

Websites classified as business and economy, information technology, shopping and travel made the top ten list of compromised redirect destination categories.

The Magnitude and Neutrino exploit kits experienced the largest surge in adoption following the arrest of Blackhole’s creator, according to the report.

While 30 per cent of malicious executable files sampled included custom encryption of command and control communication or data exfiltration

Websense vice president of security research, Charles Renert, said cybercriminals continued to evolve their attack planning and execution to stay ahead of most existing security measures.

“While the determined, persistent attackers continue to have success in advanced, strategic attacks using zero-day exploits and advanced malware, there has also been a boom in cyber criminal activity on a massive scale,” he said.

“Even these more ‘common’ forms of attack are easily slipping past organisations without real-time defenses.”

The report also documents how the infrastructure of an attack campaign is constantly developed, enhanced and reused throughout the entire threat life cycle.

To avoid detection when reusing components in subsequent attacks, criminals are increasingly taking an approach that involves modification and modulation of existing attack tools.

Often, this means choosing to take advantage of a specific strength of a particular piece of malware to target new industries.

Websense security researchers observed the Zeus malware, which was originally designed as a financial threat and keylogging Trojan, dramatically increased in use as it was repurposed for other vertical markets.

According to the report, in the past year, the government and communications industries joined financial firms among the top five verticals targeted with Zeus malware.

The top two industries hit hardest with Zeus attacks were the services and manufacturing sectors.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags zero-day exploitsZeus malwareBlackholeMagnitude and Neutrino Exploit KitsWebsense Security Labs 2014 Threat reportCharles RenertWebsense vice president of security research

Featured

Slideshows

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Reseller News has honoured the leading female front runners of the New Zealand ICT industry at the 2019 Women in ICT Awards (WIICTA) in Auckland. The awards recognised standout individuals across six categories, spanning Entrepreneur, Rising Star, Shining Star, Community, Technical and Achievement. Photos by Gino Demeer.

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA
Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Show Comments