Bi-lingual cybercriminals

Long gone are the days when spam attacks were simply hackers getting thrills and giggles. Now a much more lucrative business, cybercriminals are changing with the times and updating their skills. This creative bunch is constantly adapting and now launching campaigns in multiple languages. Another tactic involves exploiting the phenomenal popularity of local applications and social networking sites.

Spammers versatility

Patrik Bihammar, senior analyst, Security Solutions and System Management Software, IDC Australia said attackers are becoming increasingly sophisticated to improve the success rate of their phishing “attacks”. Improving the success rate of attacks increases the likelihood of the “victims” to click on the link.

Cybercriminals are tailoring attacks to suit different cultures and languages. For example, they are using techniques such as spear phishing with localised language/messages based on the origin of the IP address. For example if the IP address is from Italy the message is in Italian, if the IP address is registered in Germany the message is in German.

“A majority of spam is still in English but we are increasingly seeing localised spam and phishing attacks. We are also seeing a trend towards more targeted attacks against specific companies,” said Bihammer.

Cybercriminals are using real-life news events such as the World Cup and public holidays to attract victims.

“We are also seeing more attacks targeting online gaming in countries where gaming is popular such as South Korea and China. Expect to see attackers using the Olympics in their messaging this year,” warned Bihammer.

McAfee has just released a report confirming that cybercriminals are expanding their horizons. In its third report titled ‘One Internet, Many Worlds’, McAfee looks at global malware trends and examines the unique threats in different countries and regions.

“This isn’t malware for the masses anymore,” said Jeff Green, senior vice president, McAfee Avert Labs. “Cybercrooks have become extremely deft at learning the nuances of the local regions and creating malware specific to each country. They’re not skilled just at computer programming – they’re skilled at psychology and linguistics, too.”

Based on data compiled by McAfee’s international security experts, the report examines the globalisation of threats and the unique threats in different countries and regions. Key findings include information about cybercrime rings taking advantage of lax law enforcement by recruiting malware writers in countries with high levels of education as well as unemployment.

“Malware has become more regional in nature during the past couple of years,” said Green. “This trend is further evidence that today’s cyberattacks are targeted and driven by a financial motive, instead of the glory and notoriety of yesteryear’s cybergraffiti and fast-spreading worms. We’re in a constant chess match with malware authors, and we’re prepared to counter them in any language.”
The geographical trends of malware

The United States

Once the launching pad of all malware, today malware in the US includes elements of malicious software found in other parts of the world. Attackers use increasingly clever social engineering skills to trick victims and are looking to exploit the viral nature of Web 2.0.

Europe

With 23 languages in the European Union alone, language barriers used to be a hurdle for miscreants. Today malware authors adapt the language to the Internet domain site where the scam message is being sent, and malicious websites serve up malware in a language determined by the country the target is located in.

China

A majority of the malware found in China is password-stealing Trojans designed to steal users’ identities in online games and their credentials for virtual currency accounts. China has also become a breeding ground for malware writers.

Japan

Winny, a popular peer-to-peer application in Japan, is prone to malware infestations that can cause serious data leaks. Unlike in most countries, malware authors in Japan are not motivated by money, instead authors seek to expose or delete sensitive data on machines.

Russia

Some of the most notorious attack toolkits are produced in Russia. These grey-market malware tools, combined with lack of legislation against cybercrime, lead experts to believe that the Russian mafia will soon – if they haven’t already – latch onto computer crime.