Cybercriminals Cutting Malware “To Save Money”

CyberCrimeSecurity
ukraine
1 21 No Comments

2015 saw a major fall in malware, Kaspersky Labs reveals, as criminals change their tactics

The rising cost of developing and distributing malware is causing cybercriminals to cut back on their activities, according to a new report from Kaspersky Lab.

The security firm has revealed that the number of new malware files its products detected every day reached 310,000 – a fall of 15,000. from 2014’s total, as such attacks reach a saturation point.

Kaspersky Lab experts believe cybercriminals are using less expensive means to continue with their attacks, and it seems to be working, as the total number of cybercrime victims increased by five percent this year.

Evolving

Malware, virus, security © Finchen, Shutterstock 2014“Cybercrime has lost the last touch of romance,” said Vyacheslav Zakorzhevsky, head of the anti-malware team at Kaspersky Lab.

“Today, malware is created, bought and resold for specific tasks. The commercial malware market has settled, and is evolving towards simplification. I think will we no longer see malicious “code for the code”. This trend is also observed among the operators of targeted attacks.”

Instead of traditional malware attacks, cybercriminals have realised that they can get equally good results using intrusive advertising programs or legitimate digital signatures in their attacks.

Complex coding tools such as rootkits, bootkits or replicating viruses remain popular, but often only bring results at a cost, reducing their overall margins and revenue.

These programs can also cost tens of thousands of pounds to develop, but also have to protect from increasingly sophisticated antivirus software which is specifically designed to detect and kill complicated malware.

This also meant that adware became increasingly popular, as many criminal organisations evolve into acting almost as a business, engaged in selling quasi-legitimate commercial software, activity and other “essentials”.

Criminals are also using bought or stolen legal certificates, often gaining through state-sponsored attacks, to deceive security software, which trusts an officially-signed file more than a regular one.

Are you a security pro? Try our quiz!


Click to read the authors bio  Click to hide the authors bio