Report: Cyber Criminals Capitalize on Holiday Season

Fortinet unveils the darker side of the holiday season with its December 2010 Threat Landscape report, revealing that hackers are not only using regional-sounding domains to pass as legitimate sites, but are also capitalizing on the holiday season by disguising malware as e-cards.

The report exposes a revolutionary step cyber criminals are taking to diversify the distribution of their illegal gains.

“This month, we saw a wide variety of money mule recruitment campaigns that — for the first time — targeted specific countries in an orchestrated manner,” said Derek Manky, project manager of cybersecurity and threat research at Fortinet. “The campaigns, which were seeded in a number of Asian and European countries, solicited local individuals who already have or had established relationships in the banking industry or were looking for work as online sales administrators.”

To make these “localized campaigns” look more legitimate, the criminals created regional-sounding domain names, such as cv-eur.com, asia-sitezen.com and Australia-ruseme.com.

Under further scrutiny, Fortinet’s FortiGuard team found that all three domains were registered to one Russian contact. Localized campaigns make it easier for cyber criminals to obtain mule accounts internationally, because each campaign falls under different governing laws and banks. If one were discovered, the others would remain online and continue their criminal activities.

Another prominent cyber threat used this holiday season was the Buzus Trojan. This malware was distributed through mass emails spoofed as holiday e-cards. Once the impostor e-card is opened, the now-infected system sends out the same holiday e-card to everyone in the system’s email address book.

Fortinet’s FortiGuard team learned the majority of Buzus Trojans were sent from the Hiloti botnet. Hiloti uses DNS as a communication channel to watermark its report information to its servers, and it avoids detection by appearing as legitimate DNS traffic.

The full report is available on Fortinet’s site and includes the top threat rankings in several categories.
