Since computer viruses started to appear around 30 years ago, there has been a proliferation in the number and type of viruses and malware affecting individuals and corporations. There is a trend towards cyber attacks becoming highly targeted and organised, often with an aim of making money rather than simply causing chaos.
We explore some of the lesser-known cybercrime threats identified by Sophos, an international web security company, in collaboration with the Center for Internet Security, in their publication “Threatasaurus – the A-Z of computer and data security threats”.
Autorun worms are malicious programs stored on a device such as a USB drive. These programs run automatically and infect computers as soon as the device is connected to a computer.
Brute force attack
A brute force attack is one in which hackers use computer programs to try a very large number of possible keyword or password combinations to gain unauthorised access to a system or file.
Command and control center
A command and control center is a computer that controls a botnet (a network of compromised computers). From the command and control center, hackers can instruct multiple computers to perform their desired activities. Botnets are commonly used in denial-of-service attacks.
In a denial-of-service (DoS) attack, a hacker attempts to overload or shut down a service so that legitimate users can no longer access it. Commonly, a botnet floods a web server with requests, resulting in the website becoming unavailable. No data is stolen or compromised, but the interruption to the service can be costly for an organization.
The Domain Name System (DNS) converts website domains into IP addresses so that computers can communicate with each other. A DNS hijacking attack changes a computer’s settings to either ignore DNS or use a DNS server that is controlled by malicious hackers. The attackers can then redirect communication to fraudulent sites. DNS hijacking is commonly used to redirect users to fake login pages for banks and other online services in order to steal their login credentials.
Document malware takes advantage of vulnerabilities in applications that let you read or edit documents such as Word, Excel and PDF documents. Malicious content can be embedded within these documents.
A drive-by download refers to a computer becoming infected with malware when a user visits a malicious website. This can also apply to legitimate websites which have been hacked and injected with malicious code. In this way, hackers can infect users without having to trick them into browsing a specific site.
Fake antivirus malware
Fake antivirus malware, also known as ‘scareware’, reports fake computer virus threats in order to scare the user into installing malicious software or paying for an unnecessary product to address the ‘threat’.
Hacktivism is the term used to describe hacking activity that’s typically for political and social purposes, attacking corporations, governments, organizations and individuals. Hacktivist groups may deface websites, redirect traffic, launch denial-of-service attacks and steal information to make their point.
Hackers use keylogging to record the victim’s computer keyboard strokes, thereby intercepting and exploiting usernames, passwords, credit card details and other sensitive data.
Mobile phone malware
Mobile phone malware is intended to run on mobile devices such as smartphones. The approach is similar to computer malware: the primary aim of the hacker is to make money, and schemes such as fake antivirus malware are employed.
The more commonly known offence of phishing involves sending mass emails posing as a reputable organisation such as a bank, and deceiving recipients into providing sensitive information. Spearphishing is a much more targeted form of phishing, aimed at people in a specific organisation. The emails may appear to come from another staff member at the same organisation, asking recipients to confirm a username and password so that sensitive company information can be accessed and exploited.
Nyman Gibson Miralis provides expert advice and representation in complex international cybercrime investigations. Our expertise includes dealing with malware, phishing and computer hacking offences, bootlegging and tripping, Bitcoin and crypto-currency fraud, as well as offences relating to identity theft, spreading computer viruses and DDoS attacks.