Why are they created? There are two main reasons. The first is for hacking accounts. Imagine you came to such a resource and entered your username and password. In this case, you will not be able to get anywhere, while the attackers receive your data. Well, then they will use them to send spam.
And, unfortunately, it does not always find it, because it does not know who, how and for what purpose has blocked the page of classmates. But many can make this "sadness": both damning hackers, and strict admins, and the social network itself (to be honest, it also happens!).
Another scenario is to actually hack your account and send spam from it. But it seems that this is not my case. Because I was not asked to confirm (enter) my password (nickname, email). It seems to be called phishing.
China has become the world leader in developing malware programs. Chinese hackers did not limit themselves to creating their own Trojan programs but also began to localize foreign (primarily Russian) malicious programs. Among others, they developed Chinese versions of popular exploits such as IcePack, FirePack, and MPack and localized several variants of the Pinch and Zeus Trojans. In addition, Chinese cybercriminals continued their active search for vulnerabilities in popular software, in particular Microsoft Office and Microsoft Windows. They were relatively successful, with their most notable achievement being the identification of a vulnerability in NetAPI Windows. As a result, the end of 2008 was marked by a large number of attacks exploiting the MS08-067 vulnerability.
Gaming Trojans have now overtaken Trojans designed to attack the users of online payment and banking systems. They now often include file infection capability and the ability to spread via removable storage media, and have also been used to create botnets. One of the main aims behind the Chinese hack attacks mentioned above was the distribution of gaming Trojans.
Another family, Trojan-GameThief.Win32.WOW, which only targets World of Warcraft, showed steady activity until November 2008. In November, around 10,000 sites were hacked, with malicious code subsequently being placed on these sites. European and American sites suffered more because these are the regions with the biggest number of World of Warcraft players. This incident was deliberately scheduled for November 13, the release date for Wrath of the Lich King, the second World of Warcraft expansion set.
Attacks are becoming more widespread and more sophisticated. The actions of online game players contribute to the growth in the virtual assets market, which in turn acts as a source of income for hackers and virus writers.
A wide variety of offers can be found on the Internet today: cybercriminals offering to hack accounts on social networking sites, carry out mailings to contact lists, or collect information about a specified user.
Our research revealed that port 8000 is used by the Backdoor.Win32.Hupigon family. This particular family, created by Chinese hackers, is quite possibly the fastest-growing family of malicious programs ever detected by Kaspersky Lab. By the end of 2008, we had more than 110,000 various modifications of Hupigon in our collection.
An analysis of the statistics on network requests from malicious programs and on the Top 10 second-level domains targeted by malicious programs confirms that in 2008 Chinese hackers and cybercriminals were leaders in creating malware. The Chinese Hupigon family, which uses the non-standard ports 8000 and 8181, accounted for 29% of network requests by malicious programs, while the great majority of second-level domains targeted by malicious programs belong to Chinese DNS services.
In our opinion, cybercrime has entered a period of market saturation: the number of people and groups involved has reached a point where competition is inevitable. No doubt, competition has always existed, but as a rule it was limited to a conflict of interests between a couple of groups in a single, narrow sphere. Nowadays competition is on a global scale, transcending local borders. Competition between Russian, Chinese, Brazilian, Ukrainian and Turkish cybercriminals is not limited by the technologies they use. They also compete for customers and those who can fulfill orders; for better channels for collecting, selling and processing data; for hacking resources, etc.
Malware 2.0 has been replaced by a new conceptual model: that of huge distributed botnet systems. This model, created by Russian hackers and implemented in Rustock.c, the Sinowal bootkit and a few other malicious programs, has proved to be both highly effective and reliable.
APIs are essentially instructions that allow applications to access data and interact with web databases. But left improperly secured, these APIs can be leveraged by malicious actors to mass-harvest information stored in those databases. In October, mobile provider Optus disclosed that hackers abused a poorly secured API to steal data on 10 million customers in Australia.