Crimeware

{{Short description|Class of malware designed specifically to automate cybercrime}}

Crimeware is a class of malware designed specifically to automate cybercrime.{{cite book| title=Crimeware: Understanding New Attacks and Defenses| author1=Jakobsson, M| author2=Ramzan, Z.| publisher=Addison-Wesley Professional| date=6 April 2008| isbn=0-321-50195-0}}

Crimeware (as distinct from spyware and adware) is designed to perpetrate identity theft through social engineering or technical stealth in order to access a computer user's financial and retail accounts for the purpose of taking funds from those accounts or completing unauthorized transactions on behalf of the cyberthief.{{citation needed| date=December 2023}} Alternatively, crimeware may steal confidential or sensitive corporate information. Crimeware represents a growing problem in network security as many malicious code threats seek to pilfer valuable, confidential information.

The cybercrime landscape has shifted from individuals developing their own tools to a market where crimeware, tools and services for illegal online activities, can be easily acquired in online marketplaces. These crimeware markets are expected to expand, especially targeting mobile devices.{{Cite journal |last=Gad |first=Mamoud |date=2014 |title=Crimeware Marketplaces and Their Facilitating Technologies |journal=Technology innovation management review |volume=4 |issue=11 |pages=28-33}}

The term crimeware was coined by David Jevans in February 2005 in an Anti-Phishing Working Group response to the FDIC article "Putting an End to Account-Hijacking Identity Theft".{{cite web| title=Putting an End to Account-Hijacking Identity Theft| url=https://archive.fdic.gov/view/fdic/6701| publisher=Federal Deposit Insurance Corporation| date=5 January 2004| access-date=18 December 2023}}

Examples

Criminals use a variety of techniques to steal confidential data through crimeware, including through the following methods:

Surreptitiously install keystroke loggers to collect sensitive data—login and password information for online bank accounts, for example—and report them back to the thief."[https://www.nytimes.com/2006/02/27/technology/27hack.html?ex=1163998800&en=5599d5982c64f082&ei=5070 Cyberthieves Silently Copy Your Password]", The New York Times
Redirect a user's web browser to a counterfeit website controlled by the thief even when the user types the website's proper domain name in the address bar, also known as pharming.{{Cite web|last=Swinhoe|first=Dan|date=2020-04-23|title=Pharming explained: How attackers use fake websites to steal data|url=https://www.csoonline.com/article/3537828/pharming-explained-how-attackers-use-fake-websites-to-steal-data.html|access-date=2020-12-05|website=CSO Online|language=en}}
Steal passwords cached on a user's system.Symantec Internet Security Report, Vol. IX, March 2006, p. 71
Hijack a user session at a financial institution and drain the account without the user's knowledge.
Enable remote access into applications, allowing criminals to break into networks for malicious purposes.
Encrypt all data on a computer and require the user to pay a ransom to decrypt it (ransomware).

Delivery vectors

Crimeware threats can be installed on victims' computers through multiple delivery vectors, including:

Vulnerabilities in Web applications. The Bankash.G Trojan, for example, exploited an Internet Explorer vulnerability to steal passwords and monitor user input on webmail and online commerce sites.
Targeted attacks sent via SMTP. These social-engineered threats often arrive disguised as a valid e-mail message and include specific company information and sender addresses. The malicious e-mails use social engineering to manipulate users to open the attachment and execute the payload."[http://www.avinti.com/download/market_background/whitepaper_email_crimeware_protection.pdf Protecting Corporate Assets from E-mail Crimeware]" {{webarchive|url=https://web.archive.org/web/20120121024839/http://www.avinti.com/download/market_background/whitepaper_email_crimeware_protection.pdf |date=January 21, 2012}} Avinti, Inc., p.1,
Remote exploits that exploit vulnerabilities on servers and clients{{Cite journal|last=Sood|first=Aditya|date=2013|title=Crimeware-as-a-service—A survey of commoditized crimeware in the underground market|journal=International Journal of Critical Infrastructure Protection|volume=6|issue=1|pages=28–38|doi=10.1016/j.ijcip.2013.01.002}}

Concerns

Crimeware can have a significant economic impact due to loss of sensitive and proprietary information and associated financial losses. One survey estimates that in 2005 organizations lost in excess of $30 million due to the theft of proprietary information.CSI/FBI Computer Crime and Security Survey 2005, p.15 The theft of financial or confidential information from corporate networks often places the organizations in violation of government and industry-imposed regulatory requirements that attempt to ensure that financial, personal and confidential.

= United States =

US laws and regulations include:

References

External links

[http://www.symantec.com/enterprise/threatreport/index.jsp Symantec Internet Security Threat Report] {{Webarchive|url=https://web.archive.org/web/20061115125942/http://www.symantec.com/enterprise/threatreport/index.jsp |date=2006-11-15 }}
[http://webarchive.loc.gov/all/20020808221834/http://www.gocsi.com/ Computer Security Institute] (Archived: August 8, 2002, at 22:18:34)
[http://www.technologyreview.com/computing/23488/ "Real-Time Hackers Foil Two-Factor Security"] (Technology Review, September 18, 2009)
[https://web.archive.org/web/20110515190932/http://voices.washingtonpost.com/securityfix/2009/09/cyber_mob_targets_public_priva.html "Cyber Crooks Target Public & Private Schools"], (Washington Post, September 14, 2009)
[https://www.computerworld.com/article/2467748/cybercrime-hacking/crimeware-gets-worse---how-to-avoid-being-robbed-by-your-pc.html "Crimeware gets worse - How to avoid being robbed by your PC"], (Computerworld, September 26, 2009)

Category:Types of malware

Category:Cybercrime