Week in review 29 August 2014
Two big items dominated this week. The first was the continuing issue of the Backoff malware. The second was the data breach at JP Morgan, and possibly other financial institutions. There were also some other interesting pieces of news. Blue Coat revealed that 470 million websites exist for 24 hours. Malware uses various tricks to evade detection by researchers, which is how it can slip past antivirus defences. To round it off, Kaspersky Lab published tips on Android security.
On August 1 we posted an item from SC Magazine about a new form of malware called Backoff. At that time, 600 US businesses had been infected. Just over 3 weeks on, the number of affected businesses has reached over 1000. An Ars Technica article reports that the malware often slips under the defence of most antivirus software. This is disturbing, since the malware has been around since October 2013.
A breaking story on Thursday revolved around a data breach at JP Morgan. At the time of writing, this story is still developing; however, it appears JP Morgan was not the only target. The data breach now involves the FBI. The cause of the data breach is a zero-day vulnerability. Data was stolen from employee computers, including, it appears, customer account information. No monetary fraud has been detected as yet.
Here’s a big number: 470 million. What does it mean? According to researchers at Blue Coat, it is the average number of websites that exist for 24 hours. The disturbing part of the research is that 22% of these websites are malicious. This is one reason why it’s hard to develop good counters to email spam attacks.
Malware continues to evolve. This time it appears that some malware can tell whether it is on a victim’s machine or a researcher’s machine. When malware detects that it is on a researcher’s machine, it tries various strategies to evade detection. One example is the Shylock Trojan, which sends out false data to hide from researchers.
Android devices tend to get a bad rap. Part of this may be the fact that Android malware makes up 90% of mobile malware threats. It’s not all bad news though. Kaspersky Lab published a list of tips to reduce the security risks on Android devices. A big one was to keep your security software up to date. Other tips were to steer away from using free Wi-Fi, and to use only the apps available from Google.