14 DAY TRIAL // Security Firm AVG has released its Community Powered Threat Report for the third quarter of 2012. The study focuses on the 2.0 version of the BlackHole exploit kit, the evolution of malware and other threats that marked the past quarter.
According to AVG, the BlackHole exploit kit leads both the toolkit and the malware markets with a share of almost 76%, respectively 63%.
Considering that the crimekit’s authors have launched the 2.0 version, experts say that its market share will grow even further and the attacks it’s utilized in will become even more “aggressive” because of the advanced evasion techniques recently integrated into it.
“Blackhole is a sophisticated and powerful exploit kit, mainly because it is polymorphic and its code is heavily obfuscated to evade detection by anti-virus solutions. The rapid update capabilities of the kit have also made it challenging for traditional antivirus vendors to track, which are the main reasons it has a high success rate,” said Yuval Ben-Itzhak, CTO at AVG Technologies.
“Through our multi-layered security approach with real-time analysis at the endpoint, AVG has been detecting a much higher rate of Blackhole Toolkit-based attacks than other toolkits, as Blackhole's creator seeks to stay ahead of their competition,” Ben-Itzhak added.
Another noteworthy section from the report details mobile banking attacks that rely on the Zeus-in-the-Mobile (ZitMo) malware. Up until now, the methods utilized by criminals against mobile phone users only allowed them to make small amounts of money per victim.
However, with the latest developments in malware technology, the crooks can empty an entire bank account in one go.
Finally, AVG researchers have noticed that in the past quarter, cybercriminals started relying on malware hidden in image files to complete their malicious goals. Innocent-looking files can be designed to deliver a nasty payload to the users who visit compromised websites.