Analysis of a Cybercrime Infrastructure


Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe. This Proofpoint research report provides a detailed and rarely seen inside view of the infrastructure, tools and techniques that enabled this cybercrime group to infect over 500,000 PCs.

Key facts from the Proofpoint analysis:
• Russian-speaking cybercrime group targeted primarily US-based systems and online banking accounts.
• Qbot (aka Qakbot) botnet of 500,000 infected systems sniffed ‘conversations’ – including account credentials – for 800,000 online banking transactions, with 59% of the sniffed sessions representing accounts at five of the largest US banks.
• The attackers compromised WordPress sites using purchased lists of administrator logins, which let them upload malware to legitimate sites and then infect clients that visited those sites. Many of these WordPress sites also run newsletters, which the attackers leveraged to distribute legitimate but infected content.
• Windows XP clients comprised 52% of the infected systems in the cybercrime group’s botnet, even though recent estimates place the Windows XP install base at 20-30% of business and consumer personal computers. Microsoft ended patch and update support for Windows XP in April 2014.
• The cybercrime group used compromised PCs to offer a sophisticated, paid proxying service for other organized crime groups. The service turns infected PCs into an illicit ‘private cloud’ as well as infiltration points into corporate networks.

The report also includes specific guidance to WordPress site owners on how to detect infections and harden their sites against similar attacks.

Provider: Proofpoint Email Solutions GmbH   |   Size: 4.51 MB   |   Language: English