The third quarter of 2014 was dedicated to celebrity account hackings and corporate data breaches. In addition, it became clear that no system is perfect with the announcement of the Shellshock bug affecting the BASH shell.
Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam and malware distribution efforts.
These are among the findings from a Web malware and spam report for the third quarter of 2014 from Cyberoam, in collaboration with its partner Cyren.
The Apple iCloud celebrity data breach made news, but Cyren attempted looking a little deeper into cybercrime targeted at the Apple device market, observing an increase in Apple users being targeted. One prominent message the celebrity phishing-photo scandal left behind was that Apple users are an increasing target for scams and hacking.
While the iOS and OSX operating systems still remain relatively safe, more and more individuals globally are buying Apple devices and using Apple services, which could account (in part) for the increased targeting of Apple users.
There are currently more than 800-million Apple IDs in use. More than 300-million individuals hold iCloud accounts, giving them access to 5Gb of online storage, as well as e-mail, calendar and photo stream.
In addition, phishing attacks are at least three times more likely to be successful on a smart phone than on a desktop or laptop.
On top of increased phishing, Cyren notes that Apple initiated a new e-mail alert campaign shortly after the celebrity attacks. It informed Apple iCloud users that their Apple ID was recently used to sign into an iCloud account. While the e-mail is entirely legitimate, it provided scammers the opportunity to imitate an official large-scale e-mail campaign.
The report identifies the Bash-Shellshock bug as another story of importance in the third quarter. Discovered by a French security expert in mid-September and disclosed publicly in late September, Shellshock has been deemed by many as the “world’s most dangerous Internet security bug”.
Cyren detected Shellshock attacks using the “CGI-based Web server attack” technique through a specially crafted HTTP cookie header request field. Attackers have also used other HTTP request header fields such as “User-Agent”, “Accept”, “Referer” and “Host” to inject the malicious Bash commands.
Cybercriminals also used global tragedies, such as Ebola and airline disasters, to further enhance their phishing, spam and malware distribution efforts. The use of “sensationalism” to promote a headline or sell an item is nothing new and, in the third quarter, hackers put this technique to good use.
