Crimeware

Crimeware is a class of malware designed specifically to automate cybercrime.^[1]

Crimeware (as distinct from spyware and adware) is designed to perpetrate identity theft through social engineering or technical stealth in order to access a computer user's financial and retail accounts for the purpose of taking funds from those accounts or completing unauthorized transactions on behalf of the cyberthief.^{[citation needed]} Alternatively, crimeware may steal confidential or sensitive corporate information. Crimeware represents a growing problem in network security as many malicious code threats seek to pilfer valuable, confidential information.

The cybercrime landscape has shifted from individuals developing their own tools to a market where crimeware, tools and services for illegal online activities, can be easily acquired in online marketplaces. These crimeware markets are expected to expand, especially targeting mobile devices.^[2]

The term crimeware was coined by David Jevans in February 2005 in an Anti-Phishing Working Group response to the FDIC article "Putting an End to Account-Hijacking Identity Theft".^[3]

Examples

Criminals use a variety of techniques to steal confidential data through crimeware, including through the following methods:

Surreptitiously install keystroke loggers to collect sensitive data—login and password information for online bank accounts, for example—and report them back to the thief.^[4]
Redirect a user's web browser to a counterfeit website controlled by the thief even when the user types the website's proper domain name in the address bar, also known as pharming.^[5]
Steal passwords cached on a user's system.^[6]
Hijack a user session at a financial institution and drain the account without the user's knowledge.
Enable remote access into applications, allowing criminals to break into networks for malicious purposes.
Encrypt all data on a computer and require the user to pay a ransom to decrypt it (ransomware).

Delivery vectors

Crimeware threats can be installed on victims' computers through multiple delivery vectors, including:

Vulnerabilities in Web applications. The Bankash.G Trojan, for example, exploited an Internet Explorer vulnerability to steal passwords and monitor user input on webmail and online commerce sites.^[6]
Targeted attacks sent via SMTP. These social-engineered threats often arrive disguised as a valid e-mail message and include specific company information and sender addresses. The malicious e-mails use social engineering to manipulate users to open the attachment and execute the payload.^[7]
Remote exploits that exploit vulnerabilities on servers and clients^[8]

Concerns

Crimeware can have a significant economic impact due to loss of sensitive and proprietary information and associated financial losses. One survey estimates that in 2005 organizations lost in excess of $30 million due to the theft of proprietary information.^[9] The theft of financial or confidential information from corporate networks often places the organizations in violation of government and industry-imposed regulatory requirements that attempt to ensure that financial, personal and confidential.

United States

US laws and regulations include:

References

^ Jakobsson, M; Ramzan, Z. (6 April 2008). Crimeware: Understanding New Attacks and Defenses. Addison-Wesley Professional. ISBN 0-321-50195-0.
^ Gad, Mamoud (2014). "Crimeware Marketplaces and Their Facilitating Technologies". Technology innovation management review. 4 (11): 28–33.
^ "Putting an End to Account-Hijacking Identity Theft". Federal Deposit Insurance Corporation. 5 January 2004. Retrieved 18 December 2023.
^ "Cyberthieves Silently Copy Your Password", The New York Times
^ Swinhoe, Dan (2020-04-23). "Pharming explained: How attackers use fake websites to steal data". CSO Online. Retrieved 2020-12-05.
^ ^a ^b Symantec Internet Security Report, Vol. IX, March 2006, p. 71
^ "Protecting Corporate Assets from E-mail Crimeware" Archived January 21, 2012, at the Wayback Machine Avinti, Inc., p.1,
^ Sood, Aditya (2013). "Crimeware-as-a-service—A survey of commoditized crimeware in the underground market". International Journal of Critical Infrastructure Protection. 6 (1): 28–38. doi:10.1016/j.ijcip.2013.01.002.
^ CSI/FBI Computer Crime and Security Survey 2005, p.15

External links

Symantec Internet Security Threat Report Archived 2006-11-15 at the Wayback Machine
Computer Security Institute (Archived: August 8, 2002, at 22:18:34)
"Real-Time Hackers Foil Two-Factor Security" (Technology Review, September 18, 2009)
"Cyber Crooks Target Public & Private Schools", (Washington Post, September 14, 2009)
"Crimeware gets worse - How to avoid being robbed by your PC", (Computerworld, September 26, 2009)

[CU_1-1] Jakobsson, M; Ramzan, Z. (6 April 2008). Crimeware: Understanding New Attacks and Defenses. Addison-Wesley Professional. ISBN 0-321-50195-0.

[2] Gad, Mamoud (2014). "Crimeware Marketplaces and Their Facilitating Technologies". Technology innovation management review. 4 (11): 28–33.

[PAE_1-3] "Putting an End to Account-Hijacking Identity Theft". Federal Deposit Insurance Corporation. 5 January 2004. Retrieved 18 December 2023.

[4] "Cyberthieves Silently Copy Your Password", The New York Times

[5] Swinhoe, Dan (2020-04-23). "Pharming explained: How attackers use fake websites to steal data". CSO Online. Retrieved 2020-12-05.

[Symantec-6] Symantec Internet Security Report, Vol. IX, March 2006, p. 71

[7] "Protecting Corporate Assets from E-mail Crimeware" Archived January 21, 2012, at the Wayback Machine Avinti, Inc., p.1,

[8] Sood, Aditya (2013). "Crimeware-as-a-service—A survey of commoditized crimeware in the underground market". International Journal of Critical Infrastructure Protection. 6 (1): 28–38. doi:10.1016/j.ijcip.2013.01.002.

[9] CSI/FBI Computer Crime and Security Survey 2005, p.15

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]