Underground development of malware leads to 'Crimeware-as-a-Service' model

Cyber criminals are now relying on cloud computing models to carry out online attacks.

According to a report by CA Technologies' internet security business unit, 'Crimeware-as-a-Service' is now an emerging trend, with almost all Trojans (96 per cent) now developed as a result of this tactic. It claimed that cyber criminals are also increasingly reliant on cloud-based web services and applications, such as Google Apps, Flickr and Microsoft Office Live, as well as real-time mobile web services to target general users.

The report said that Crimeware-as-a-Service is an on-demand and internet-enabled service that highlights cloud computing as a new delivery model and is primarily designed to target data and identity theft.

It pointed at a recent malicious spam campaign where the messages pose as email notifications targeting Twitter and YouTube users, luring targets to click on malicious links or visit compromised websites.

Don DeBolt, director of threat research for CA Technologies' internet security business unit, said: “The extent to which a services model has now been adopted is amazing. This new method of malware distribution makes it more challenging to identify and remediate. Fortunately, security professionals and developers are always diligent about staying one step ahead of these cyber criminals.”

The report also named rogue anti-virus as a notable threat and trend of 2010, specifically when the 'scareware' uses a template that constructs its product name based on the infected system's Windows operating system.

Sign up to our newsletters