14 DAY TRIAL // The third quarter report issued by Internet Identity reveals that phishing dropped, DNS hijacking became a problem for companies and how Shady RAT breaches offered the world a lesson on advanced persistent threats (APTs).
Numbers show that phishing recorded a constant downfall since Q3 of 2010 when the phenomenon was 11% more present than now. Compared to the second quarter of 2011, the number of malevolent expeditions decreased by 8%.
After everyone began considering it the bad seed of the internet, the tk registry decided to act on cleaning its name and formed an alliance with Facebook, IID and the Anti-Phishing Alliance of China, one of their main goals being to become one of the safest domains on the web.
Their efforts paid off as in the third quarter .tk phishing operations recorded a 40% drop, the involvement of co.cc domains in such malicious activities also decreasing after Google de-indexed them.
The Shady RAT operation was one of the more notable ones from the past few months, in the end, most security experts arguing that it was not as harmful as everyone suspected at the beginning.
“Shady RAT may not have been a groundbreaking attack, but lost in the argument of whether or not the newest attack types are the worst or most fascinating for security researchers is the fact that all threats have the potential to lead to damage and loss,” reads the report.
DNS hijackings were used in some high-profile attacks, in September, several domains registered with Ascio.com and managed by NetNames being hijacked at the registrar and pointed to a defacement page. At the time companies such as UPS, Vodafone and The Register were affected.
The DigiNotar issue also occupies a page in the report, the hacking operation that targeted the certificate authority being one of the most problematic cases ever seen for Iranian users and internauts worldwide.