Beruflich Dokumente
Kultur Dokumente
January 2014
Introduction
The malware industry supplies all the components
cybercriminals need to easily perpetrate malware-driven
financial fraud and data theft. In todays virtual world, the
scope of organizations vulnerable to malware-driven
cybercrime is quite broad. In addition to banks and credit
unions that are subject to online banking fraud, financial fraud
can be perpetrated on insurance companies, payment services,
large e-commerce companies, airlines and many others.
Most attacks do not target an organizations systems directly,
but rather, their customer and employee endpoints. The reason
for this is that organizations have invested substantially in
multiple layers of security, such as firewalls, intrusion
prevention systems and anti-virus gateways, in order to filter
out cybercriminals on the perimeter. Conversely, for endpoint
security, organizations have leveraged anti-virus software,
which often detects less than 40 percent of financial malware.1
Consequently, cybercriminals focus efforts on conducting
malware-driven cybercrime, utilizing malware on user
endpoints to commit financial fraud and steal sensitive data.
Successfully orchestrating fraud requires in-depth understanding of malware technology and how to set up the supporting
infrastructureoften referred to as cybercrime prepping.
As with most other disciplines, materials on how to perpetrate
online banking fraud are readily available for free on the web,
including documents, forums and even training videos. In addition, more formalized training is available for a fee.
Furthermore, recent research by Trusteer, an IBM company,2
has identified training courses for creating malicious botnets
that is, networks of compromised endpoints centrally
Firewall
revention s
ion p
yst
rus
em
t
n
us gatew
I
ti-vir
a
n
y
A
yp
Encr tion
Anti-virus
Pe
rim
ete
ty
uri
ec
urity
sec
io nt
rs
En
dp
Easy
Endpoint
user
Sensitive data
and applications
Easy
Difficult
Cybercriminals
IBM Software
kits are readily available for purchase on the open market, and
cybercriminals can take advantage of these tools to create exploit
code. However, not all cybercriminals possess the same level of
expertise or aptitude required to successfully use exploit code.
Instead, cybercriminals offer infection services
that leverage exploit code.
Step 5: Avoiding detection by anti-virus applications
IBM Software
Anti-virus checkers
IBM Software
Secure applications
against malware and
phishing attacks
E
UR
AN
AL
E
YZ
SE
C
BL
CK
VE
Adaptive
protection
RE
Remove malware
from infected
endpoints
Trusteer Rapport
Trusteer Pinpoint
IBM Software
Crime Logic
Fraud alert
Crime
Logic
Analytics and
management
Financial
institutions
Trusteer Rapport
SE
C
Unknown
Crime Logic
BL
CK
Known
Crime Logic
Adaptive
protection
AN
A
Adaptive
protection
Adaptive
protection
Trusteer
Intelligence Center
OV
Online
threats
E
UR
ZE
LY
Trusteer Pinpoint
Risk
assessment
RE
Trusteer intelligence
IBM Software 11
5 Peter
6 Amit
webinjects-sale-underground-market
7 Amit
http://www.trusteer.com/blog/cybercrime-services-ramp-provide-one-stop
shop-meet-demand-fraudsters
8 Amit
blog/spyeye-changes-phone-numbers-hijack-out-band-sms-security
9 Amit
http://www.trusteer.com/blog/gift-wrapped-attacks-concealed-online
banking-fraud-during-2011-holiday-season
10 Amit
fraud-prevention-controls
Please Recycle
WGW03046-USEN-00