Spam, mobile, APT campaigns top attacks in Asia-Pacific

Spam, mobile, and Advanced Persistent Threats (APTs) have been listed as top security risks in Asia-Pacific.
According to Trend Micro Inc.’s latest security roundup report, there has been a significant shift from the “smash-and-grab incidents” once favored by cybercriminals to long-term, ongoing targeted attacks that often leverage social engineering and malware.
“Asia is the world’s largest source of spam, making it more vulnerable to threats,” said Myla Pilao, director of marketing communications at TrendLabs. “This quarter, we uncovered evidence of black hole exploit campaigns that use sophisticated-looking spam.”
Trend Micro investigated spam runs that use the names of Facebook, US Airways, USPS, CareerBuilder, and others to trick users into clicking, then redirect them to landing pages compromised with the black hole exploit kit. Common vulnerabilities in Adobe, Java, Windows, and other software are exploited to drop malware and steal personal information.
Asia’s mobile threat landscape changes in the same way that spam does.
“We identified nearly 5,000 new malicious Android apps just this quarter,” Pilao said. “Cybercriminal use of mobile has evolved from the past hit-and-miss approach to more aggressive ways of exacting information.”
Given the popularity of smartphones for Internet access and the huge Android user base, the increase in attacks targeting the Android OS is not surprising. More security vulnerabilities are found in legitimate mobile apps, making data extraction. Popular spy tool apps are among the 17 malicious apps in Google Play that have seen 700,000+ downloads so far.
Asia’s growing Bring Your Own Device (BYOD) trend also opens the mobile landscape to more security risks.
APTs also hound the APAC threat landscape, as they do other parts of the world. “As predicted, APT campaigns continued targeting several industries in Asia. What we see today is the drastic change of command and control servers (C&C) hosting from known malicious ISPs to compromised machines associated with the original target,” Pilao said. This technique makes the APT campaign harder to filter and detect.
Threats in social media and vulnerabilities are still ongoing, though that landscape has not evolved to the point of being a concern. The most significant points, however, are the cunning social engineering tactics that put data in peril. For example, Whitney Houston’s death and other sociopolitical upheavals have provided cybercriminals with new social-engineering campaign material. It is worth noting that even well-known campaigns may run for a long period of time. The people behind these attacks use variants of the same malware and constantly launch new attacks against their targets while continuing to exploit newsworthy events to lure potential victims.
“Generally speaking, we saw the threats APAC experienced in Q1 did not change much from the previous quarter. Nevertheless, of this quarter’s four threats, the increasing mobile usage opens most APAC users to maximum security risks,” Pilao said. “Though many organizations are still uncomfortable with consumerization, security and data breach incidents in 2012 will force them to face BYOD-related challenges.”