Exposing the Money Behind Malware
•Als PPTX, PDF herunterladen•
0 gefällt mir•669 views
This presentation discusses how money has become the leading motivator for cybercriminals to spread malware. From social media to SEO, malware is spreading at a faster rate every year. Learn more and find out what you can do to protect yourself and your data. For more on the Money Behind Malware, visit: http://bit.ly/VnDhv4
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ähnlich wie Exposing the Money Behind Malware
Ähnlich wie Exposing the Money Behind Malware (20)
Mehr von Sophos
Mehr von Sophos (9)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Exposing the Money Behind Malware
- 1. Exposing the money behind the malware October 2012 Chester Wisniewski
- 2. Who am I? A guy with a really cool job • Hacker • Speaker • Researcher
- 4. Social network spam trends of social networking users report being hit by spam via these services That’s an increase of 20.3% from a year ago.
- 6. Koobface What is it capable of? Steal software keys Upload stored passwords Web server/DNS proxy Search hijacking (PPC) CAPTCHA busting Fake AV Social network spam bot
- 7. How do we get infected?
- 8. Zbot/Zeus in the news Law enforcement crackdown, widely decentralized and international in nature Image courtesy of krebsonsecurity.com
- 9. SEO – How they do it
- 10. SEO leads to social engineering 10
- 11. What’s driving these activities? 11
- 12. Brought to you by Партнерка [partnyo'rka]
- 13. Pharma hosting 195.95.155.13 (AS2118) MoskvaCom Ltd, RU
- 14. Google search for pharma #s
- 15. Average sale = $140-180 USD
- 16. Map of people buying Rx
- 18. Chronopay Mac fake anti-virus industry revealed
- 19. Pharma affilliate profitability Date Orders This affiliate used 66 unique domains 01 30 referencing his Affilliate ID 02 74 03 216 04 193 • 124 orders per day 05 231 • Average sale = $160 • 40% commission 06 191 07 189 08 78 124 * 160 = $19840 * 40% = 09 99 $7936/day 10 128 11 52 12 7 Average sales/day 124
- 20. Pharma partnyo'rka profitability Image courtesy of krebsonsecurity.com
- 21. Fake anti-virus by the numbers TopSale2.ru
- 22. Fake anti-virus top affiliates Some more successful than others Affiliate Account Balance Affiliate ID Username (USD) 4928 nenastniy $158,568.86 56 krab $105,955.76 2 rstwm $95,021.16 4748 newforis $93,260.64 5016 slyers $85,220.22 3684 ultra $82,174.54 3750 cosma2k $78,824.88 5050 dp322 $75,631.26 3886 iamthevip $61,552.63 4048 dp32 $58,160.20 Courtesy of Secureworks.com
- 23. Ransomware
- 24. Complete Security Endpoint Web Email Data Mobile Network Reduce attack surface Protect everywhere Stop attacks and breaches Keep people working URL Filtering Web Application Endpoint Web Encryption Data Control Access control Automation WiFi security Firewall Protection for cloud Anti-spam Patch Manager Mobile Control Virtualization Anti-malware User education Visibility Local self-help Application Mobile app Clean up Technical Device Control Secure branch Intrusion Firewall Control security support offices prevention Encryption Live Protection Email encryption 24
- 25. Why you’re safer in our world You’ll get better threat and data protection more simply, and more cost effectively • Complete security that works better together • Defense in depth you can actually deploy You’ll also see the benefits of consolidating your security vendors: Consolidated licensing costs One trusted partner for support Complete Without Active Security Complexity Protection 25
- 26. Latest News http://nakedsecurity.sophos.com Podcasts http://podcasts.sophos.com Security Hub http://www.sophos.com/security @chetwisniewski on Twitter Contact me chesterw@sophos.com App.net/chester Chester Wisniewski on G+
- 27. Staying ahead of the curve US and Canada 1-866-866-2802 NASales@sophos.com UK and Worldwide + 44 1235 55 9933 Sales@sophos.com http://www.sophos.com/en-us/security-news- trends/security-trends/money-behind- malware-threats.aspx
Hinweis der Redaktion
- PARTNERKA is a slang word known to a group of internet “professionals” and is short for “partner network” or in plain English – Russian Internet Affiliate Network
- Complete security means we don’t just detect threats, we:Reduce the attack surface – We address the things that bring risk like vulnerabilities and applications.Protect everywhere – We make sure your users are protected wherever they are and whatever device they’re using.Stop attacks and breaches – Of course we can detect and prevent threats and data loss. But we’ve moved beyond signatures with innovations like live protection, which means we can stop new threats instantly.Crucially, we Keep people working – Both your users and the IT team. We engineer our products to simplify the tasks that take too much time today, like cleaning up infections and recovering forgotten passwords. So, as the threat and the ways that we use IT for work evolve, so does your protection. We stay on top of them, to simply give you all you need to stay secure. We engineer our products to work better together. And we look for opportunities to unify endpoint agents, gateway defenses, security policies and intelligence so it’s even easier.Agents – for every device, combining security to maximise protection and performanceAt the Gateway – virtual or hardware appliances and software options that match your protection priorities and sizeThroughPolicies - We let you create a policy once, and apply it anywhere to give you consistent protection and user experienceFrom our Labs - our experts have visibility of all aspects of security threats and use that expertise to actively fine-tune your protection for you and deliver instantly from the cloud
- We hope you can see how complete security helps you at every point in the the threat lifecycle. And is engineered so you can actually use it. But there are other advantages too, like multi product discounts and unrivalled technical support from a single point.