Despite breaches, cyber crime fight on right track, PandaLabs says

Despite the numerous security incidents that took place during the first quarter of the year, the fight against cyber-crime is on the right track, says security firm PandaLabs.

Though there is still a long way to go, international co-operation among security agencies is paying off and criminals around the world are being brought to justice. The quarterly report is available here and on the PandaLabs blog.

“The start of the year has been witness to serious cyber-attacks, including the hacking of the Twitter accounts of major organizations such as the BBC or Burger King, and one of the biggest attacks ever, targeting some of the world’s leading technology companies: Apple, Facebook, Microsoft and Twitter. But there have been victories for security forces as well, including the arrest of a group of hackers accused of extortion using the infamous ‘Police Virus’,” said Luis Corrons , technical director of PandaLabs.

Police Virus Scams

One of the most infamous cases of malware in the last year was the ‘Police Virus,’ but in February, this virus once again hit the headlines, but for a very different reason. The Technological Investigation Brigade of Spain’s National Police, together with Europol and Interpol, dismantled the cyber-crime ring responsible for the Police Virus.

“The news mentioned the arrest of ‘the gang’ of cyber-criminals, yet the information we have at PandaLabs points to the existence of several gangs responsible for these attacks. We reached this conclusion after analyzing numerous variants of the malware over time, and observing significant differences between them. In short, we are afraid the Police Virus is not likely to go away anytime soon and users shouldn’t lower their guards,” said Corrons.

Social Media Attacks

During Q1, various Twitter accounts were also hacked, including celebrities and companies, one of the most notable was Burger King. The attackers managed to work out the account password and take control of the account. They changed the background image to that of McDonald’s and claimed that the company had been taken over by its main rival.

The Twitter account of car company Jeep was also the victim of a similar attack, in this case stating that the company had been bought out by Cadillac. Other attacks on Twitter accounts had a more political slant.

A group of cyber-crooks calling themselves the “Syrian Electronic Army” managed to hack accounts belonging to several organizations. Phishing attacks were first launched to get the passwords and then the accounts were hijacked. Their victims included Human Rights Watch, the French news channel France 24 and the BBC weather service.

Android, Top Target for Mobile Malware

Nearly all news regarding malware attacks on mobile platforms involved the Android operating system, which has the largest share of this market. In addition to the usual attacks, this quarter saw new techniques that deserve mention. A strain of Android malware – hidden inside Google Play – not only infected cell phones but could also infect computers via smartphones and tablets.

According to Corrons, cyber-war and espionage is becoming more interesting. “Many countries are looking suspiciously at Chinaregarding its suspected involvement in attacks on large organizations and public institutions around the world, and this could lead to real world consequences. There are those who argue for international agreements, a type of Geneva Convention, to attempt to establish limits to these activities,” he said.

For more detailed information on malware activity and trends in the first quarter of 2013, you can access the full report here and on the PandaLabs blog.