AVG Unveils Global Community Powered Threat Report - Q3-2011

By Avg Technologies, PRNE
Monday, October 10, 2011

AMSTERDAM, October 11, 2011 -

Pickpocketing Digital Currency the new gold mine, criminals outsourcing money collecting to mobile operators and eavesdropping on Android

AVG Technologies, a leading provider of internet and mobile security, today presents the “AVG Community Powered Threat Report - Q3 2011″, providing insight, background and analysis on the trends and developments in the global online security threat landscape. Highlights in this quarter’s report are the risks of digital wallets, using mobile phone operators to collect money and how an Android Trojan records your calls.

  • Last month, Keith Alexander, director of the US National Security Agency told attendees of the “Maneuvering in Cyberspace” conference that the global cost of cybercrime is estimated to be US$1 trillion. (1*)
  • Last week, the PCeU -the e-crime unit of the Metropolitan Police- reported to have prevented over £140 million-worth of cybercrime in the UK over the last six months alone. (2*)
  • A recent report by the Ponemon Institute -a U.S. based information security policy research center- states that over the past year, the median cost of cyber crime increased by 56 percent and now costs companies an average of US$6 million per year. (3*)

Cybercrime has come a long way since it was mostly a digital form of vandalism. It has developed into a criminal business operated for financial gain and is now worth billions. In this report AVG focuses on some of the most notable cybercrime developments in the last quarter.

Stealing digital currency

Digital Currency has become very popular in a short time. Facebook Credits, Xbox Points, Zynga coins and Bitcoin now play a vital role in a multibillion dollar global gaming economy. Far from being just of virtual value, many of these currencies are actively traded for real currency. This has not gone unnoticed by cyber criminals, now aiming to steal digital wallets from people’s computers. In June a digital wallet containing close to US$500,000 was stolen when someone broke into the victim’s computer and transferred most, but not all, of the money out of his wallet.

Outsourcing the hard part, collecting the money

In a bid to outsource the hassle and risks of collecting the money, cyber criminals are moving beyond credit cards details and are increasingly using mobile phone operators to do the collecting for them. A criminal might install a Trojan on to a victim’s smartphone that sends premium SMS messages when the owner is asleep. They might use a Facebook scam to get hold of people’s phone numbers and sign them up for an expensive monthly phone charge. A victim’s mobile operator will process the charges and transfer the money to the criminal organization, even if they reside on the other side of the world. If and when a victim notices the charge and the mobile operator is alerted to stop processing payments, considerable amounts may already have been stolen. If the amounts are small enough, many victims may not even notice for months.

Eavesdropping on Android

With Android taking almost 50% of the world’s smartphone market share, it is no wonder that cyber criminals consider the platform an attractive target. Most Android malware focuses on making money from premium SMS. However, in July AVG investigated a Trojan that records a victim’s phone conversation and SMS messages and sends them to the attacker’s servers for analysis to identify potential confidential data. This clearly demonstrates the power of modern mobile operating systems but also the tremendous risks unprotected mobile users are open to.

Other key findings in the report:

  • Rogue AV Scanner is currently the most active threat on the web
  • Exploit Toolkits account for over 30% of all threat activity on malicious websites (’Fragus’ is most popular, closely followed by ‘Blackhole’)
  • Angry Birds Rio Unlocker is the most popular malicious Android application
  • The USA is still the largest source of spam, followed by India and Brazil

“In Q3 we started to see a clear trend in cybercriminals shifting their focus to simplifying money collection,” said Yuval Ben-Itzhak, Chief Technology Officer, AVG Technologies. “Well-organized criminal gangs are now letting mobile phone operators handle the money collecting part by focusing on mobile phones and setting victims up for charges that will appear on their phone bill some time later. Not only is it a lot easier, it also scales to tremendous volumes making money by stealing small amounts from very large groups of victims.”

A recent report authored by the research agency The Future Laboratory (Cybercrime_Futures), reveals that while cybercriminals and malicious programs are becoming increasingly sophisticated and difficult to detect, users are, alarmingly, becoming the weakest link as they are less vigilant about protecting their online devices. The combination of these two factors presents a potentially disastrous cybercrime scenario.

JR Smith, CEO of AVG Technologies, said, “It’s increasingly evident that each unprotected individual makes us all more vulnerable, so it’s vital that as a global society we find ways to address this trend and ensure that we are protected together.  We’re securing people’s digital life, or as we like to say: Providing Peace of Mind to the Connected World.”

About the report

The AVG Community Powered Threat Report is based on the Community Protection Network traffic and data, collected over a three-month period, followed by analysis by AVG. It provides an overview of web, mobile devices, Spam risks and threats. All statistics referenced are obtained from the AVG Community Protection Network.

The AVG Community Protection Network is an online neighborhood watch, helping everyone in the community to protect each other. Information about the latest threats is collected from customers who choose to participate in the product improvement program and shared with the community to make sure everyone receives the best possible protection.

AVG has focused on building communities that help millions of online participants support each other on computer security issues and actively contribute to AVG’s research efforts.


Full Q3 Threat Report: AVG_Community_Powered_Threat_Report_Q3_2011

1* www.computerworlduk.com/news/security/3303786/us-needs-to-be-prepared-for-a-big-cyber-attack/

2* www.guardian.co.uk/uk/2011/oct/02/cyber-crime-unit-met-police

3* www.ponemon.org/blog/post/second-cost-of-cyber-crime-study-is-released-today

About AVG Technologies

AVG is a global security software maker protecting 98 million active users in 170 countries from the ever-growing incidence of Web threats, viruses, spam, cyber-scams and hackers on the Internet. AVG has nearly two decades of experience in combating cybercrime and advanced laboratories for detecting, pre-empting and combating Web-borne threats from around the world. AVG has a strong reseller network consisting of resellers, partners and distributors globally including CNET, Ingram Micro, and Wal-Mart.

Source: www.avg.com/press-releases-news  

Keep in touch with AVG

  • For breaking news, follow AVG on Twitter at www.twitter.com/officialAVGnews  
  • For small business security trends analysis, follow the AVG small business blog at small-business.blog.avg.com/
  • Visit the AVG Business Resource Centre at www.avg.com/us-en/business-resources-center
  • Visit the AVG Reseller Center at https://secure.avg.com/us-en/rc-login
  • Join our Facebook community at www.facebook.com/AVGfree
  • Join our LinkedIn community  LinkedIn

United States: Jeff Seedman, Ruder Finn for AVG, seedmanj at ruderfinn.com, + 1-415-249-6763; United Kingdom: Lennard van Otterloo, MSL for AVG, Lennard.vanotterloo at mslgroup.com, +44(0)20-7878-3210; Investor Relations: Siobhan MacDermott , AVG Technologies - Investor Relations, siobhan.macdermott at avg.com, +1-415-299-2945

will not be displayed