Blueliv has analyzed the main Cyber Threats which have been apparent on a global level during the first quarter of 2014, and in this post we are going to show their origin.
MALICIOUS URL GEOLOCALIZATION
Some 46% of the malicious URLs analyzed were geolocalized in the United States, while China hosted a further 30% of them.
CC BOTNET ORIGIN
In respect of botnets, the number of localized control panels has risen slightly. In general, the majority of the countries that host the control servers which receive the captured data do not correspond with the countries attacked, but this quarter, similarly to to previous periods, the United States once again heads the list of botnet source countries, with 47% of the servers hosted there. It is followed by the European Union, with 26% of the total.
As for the types of malware, Citadel and Zeus continue to prove the most popular, with 48% and 36% respectively. This is only logical given the ease with which they can be acquired and used, with no need for expert knowledge to operate them. Iceix’s share also bears considerable weight, with 10% of the total.
On this point, however, the increase of malware samples intended to infect Point of Sale Terminals is worthy of mention, as this figure has multiplied five-fold this quarter. Attacks on mobile devices have also increased, with the figure tripling.
This new tendency is due to the fact that the financial sector spends months implementing measures which make the work of cyber criminals difficult, and the latter have multiplied in such a way that there are now too many competitors vying for the same objectives. Cyber criminals are exploring new ways to infect devices such as POS terminals and mobile devices, based on the 4 following variables: the ease with which fraud can be committed, the ease with which their activity can be turned into money, the risk assumed and the possibility of automating the attack to make it profitable.
To know more about the first quarter of the years you can download the full report here.