Identity theft malware up 600% this year
Security company PandaLabs says volume of identity theft malware increases dramatically in first half of 2009
The number of users affected by malware designed for identity theft increased by 600% in the first half of this year compared to the same period last year, according to PandaLabs.
The research arm of Panda Security, PandaLabs reports that the percentage of malware that is designed to steal bank details, credit card details or passwords has rocketed in the first half of this year.
PandaLabs says it saw samples of 11 million new threats between January and July this year, of which 71% were trojans, mainly designed for identity theft, against only 51% of new threats in the first half of 2008.
The company estimates that around 3% of all internet users have been a victim of identity theft attacks.
The majority of identity theft malware is trojans, says PandaLabs, but hackers are also using phishing, worms and spyware attacks. Hackers are also switching to other channels of attack besides email, including spyware, messages on social networking sites, cloning of web pages to make them appear among the first results in searches by keywords in popular search engines, infected SMS messages and malware that directs to fake antivirus sites linked from the PC.
Attacks have also diversified beyond banking sites, with attacks targeting other platforms where users might save payment information, such as pay platforms, auctions sites, online stores and even charities.
Luis Corrons, technical director of PandaLabs said that the recession may be the main driver in increased attempts at financially-motivated identity theft.
“Maybe one of the reasons of this increase is the economic crisis along with the big business that selling this information on the black market, such as credit card numbers, Paypal or Ebay accounts, etc. We have also seen an increase of the distribution and infection of this kind of malware through social networks,” he said.