|
|
According to data from McAfee Avert Labs, the monitoring and research arm of security vendor McAfee Inc., malware attacks are growing at astronomical rates and it's happening for one simple reason: the malware writers are making money. Data from McAfee indicates 245 per cent growth in the number of malware being developed from 2006 to 2007, with a further 300 per cent growth projected from 2007 to 2008. And year to date, McAfee said the amount of malware generated has already surpassed 2006 and 2007 combined. Recently, RSA FraudAction Research Lab discovered login information for 300,000 online bank accounts and 250,000 credit and debit card accounts that have been gathered by a cybercrime gang over the past three years using the Sinowal Trojan. The Trojan is programmed to execute when the victim visits a particular banking or financial Web site; it is triggered by more than 2,700 specific URLs. The malware then inserts additional fields into the victim's browser prompting the victim to type in information such as PIN and Social Security number, which the website itself does not request. 
Security software for the desktop in the form of antivirus and personal firewall is ineffective against these new types of financial malware even though many banks distribute them through their Website. A recent PC World review of top desktop security solutions concluded that "Malware (is) Evolving Too Fast for Antivirus Apps" after the best performer detected only one in four new malware samples. Even antivirus vendors admit that "most new malware is going undetected by commercial security products, and not just Symantec's, but we have to recognize that like all other AV products we are probably missing a sizeable amount of this malware," (Carey Nachenberg, Symantec Research Labs, December 2007) A recent report from the organization for economic co-operation and development (OECD) claims that 59 million (one in four) personal computers in the US are already infected with malware. According to this report, malware has evolved from occasional 'exploits' to global multi-million-dollar criminal industry. While the online criminal community is putting a tremendous effort into building a widespread, fully controlled, and highly sophisticated malware-based infrastructure, many banks are waiting for the problem to grow and cause significant fraud losses before they start building their malware prevention strategy. By doing so, banks are setting the perfect environment for fraudsters to build an unbeatable army ready for their command. When this army accurately strikes a specific bank recovery will be long, expensive, and painful. |
|
||||||
Product |
||||||
|
||||||
