Slashdot Mirror


Cybercriminals Shifting Focus To Non-Windows OSes

Orome1 writes "In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to a new Cisco report. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in 'money muling,' and that users continue to fall prey to myriad forms of trust exploitation."

36 of 265 comments

  1. Thank God.... by Lumpy · · Score: 3, Insightful

    Will they please target the Linux platform so we can prove once and for all to all the Windows lovers that the underlying architecture protects better than the Windows design?

    --
    Do not look at laser with remaining good eye.
    1. Re:Thank God.... by Anonymous Coward · · Score: 4, Insightful

      That's not really as true anymore, though. I'm not sure if this is the article I read on it, but http://www.pcadvisor.co.uk/news/index.cfm?newsId=3235498

      Also, even if the underlying architecture protects better... you can't protect people from their own stupidity. They will *absolutely* find ways to infect their machines with malware even if it requires becoming root.

      Fucking users.

    2. Re:Thank God.... by Spad · · Score: 5, Funny

      Not until you get an equal number of people using Linux who are determined to see the dancing bunnies.

    3. Re:Thank God.... by Monkeedude1212 · · Score: 4, Insightful

      What makes you think they haven't?

      What you've described would be completely unmeasurable - because the only way you can properly measure exploits is when they are successful. There is no way to distinguish between failing to exploit Linux and not attempting to exploit it at all.

    4. Re:Thank God.... by Mike+Mentalist · · Score: 4, Funny

      Stallman? Is that you?

      --
      I put my books on Amazon, Smashwords, Demonoid, ISOHunt and Pirate Bay. Search for 'Michael Cargill'
    5. Re:Thank God.... by oodaloop · · Score: 5, Informative

      Yes, Richard Stallman is, to his close friends, also known as Lumpy.

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
    6. Re:Thank God.... by Monkeedude1212 · · Score: 2

      Also known as, the 8th and forgotten dwarf.

    7. Re:Thank God.... by phyrexianshaw.ca · · Score: 2

      "Barely holds 1% of the market"

      Really? I'd like to know where you get your stats from. According to numerous sources, including W3's OS Statistics ( http://www.w3schools.com/browsers/browsers_os.asp ) DESKTOP Linux users number about 5%, and that doesn't include the VAST number of servers.

      Linux in the server market outnumbers Windows. http://en.wikipedia.org/wiki/Usage_share_of_operating_systems in the last few months "Linux/unix and variants" passed 50% of ALL server use.

      With most of the people in Internet Security working on a platform that's NOT Windows, there's good reason it's as well secured as it is. (That and anybody can find/fix a bug in the open source world. But that's another topic entirely ;)

    8. Re:Thank God.... by Tubal-Cain · · Score: 5, Insightful

      Apache holds 50% of the webserver market, often on Linux. Much more valuable targets than a generic PC.

    9. Re:Thank God.... by xemit · · Score: 2

      Linux already has that capability and has had it for years in the form of SELinux. The firewall that comes with Windows can already do that without the help of ZoneAlarm.

    10. Re:Thank God.... by eugene2k · · Score: 2

      Can't be. He wrote "Linux" without the GNU/ prefix.

      --
      Apple has "Mac vs PC", Microsoft has "Laptop Hunters", Linux has recession
    11. Re:Thank God.... by mjm1231 · · Score: 2

      Purely anecdotal, but I purchased a netbook for my 13 year old daughter about a year ago. It came with Windows 7 starter edition. I believe the very first thing we did was install an antivirus program, most likely AVG or Avast. After owning it for two days, it was infected with a virus, so I installed Ubuntu netbook edition. There were a few minor glitches (wireless drivers required a patch, adding new fonts is so convoluted that I had to create a script for that) but otherwise she has used it without complaint or incident ever since.

      So on that one machine, for that one user, Windows averages an infection every 2 days, Linux never.

      --
      Ideology: A tool used primarily to avoid the bother of thinking.
    12. Re:Thank God.... by Pojut · · Score: 2

      Again though, you're comparing a widely-used operating system to a barely-used operating system (from a desktop perspective, at least.) The number of people targeting Linux PCs is quite likely to be exponentially smaller than the number of people targeting a Windows PC.

    13. Re:Thank God.... by Tim+C · · Score: 2

      But how do you steal my credit card and bank details by hacking some random webserver?

      More to the point, the vast majority of Windows exploits are trojans. Those webservers are (mostly) maintained by sysadmins unlikely to execute the "shocking pics.zip.exe" file someone emailed them unexpectedly.

    14. Re:Thank God.... by GameboyRMH · · Score: 2

      You're right, there is. Less for both OSes combined than the number of Windows viruses created in a single day. None of which are in circulation.

      So it is fair to say there is no malware for MacOS or Linux in the same way it is fair to say there is no smallpox. It's in the history books and there's probably a sample in a vault somewhere, but that's about it.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    15. Re:Thank God.... by GameboyRMH · · Score: 2

      If you want ZoneAlarm-like interactive firewall alerts and configuration you have a few options:

      - Linux-firewall

      - Mandi on Mandrake

      - Fireflierd (no longer maintained though)

      You can show UFW's log file as a Conky widget or something if you just want to let the user see attempts to send traffic out through unauthorized ports.

      So now that you see that your pet functionality is possible, please start recommending Linux as a desktop OS to your users.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    16. Re:Thank God.... by e4g4 · · Score: 2

      While it's admittedly been a couple of years (and OS revisions) since I've seen it - I have seen both Mac OS X Server (10.4.11) and Linux (specifically CentOS, forget the version) machines with rootkits on them that were put there by a remote exploit (ab)used by an automated attack (in smb, in the case of the Mac server - yes, the machine had the smb port open to the wild. I'm not sure how the Linux box got exploited; again though, it had more services exposed to the open web than it should have). They were both part of the C&C network for two different botnets (at least, that's my guess, judging by the IRC bot artifacts I found). So while there may not be any _viruses_ for those platforms, the security track record is far from perfect. Interestingly enough, the exploit pack that was used to attack the Mac server was a dual-platform toolkit, targeting both BSD (not entirely sure which flavor) and Darwin.

      --
      The secret to creativity is knowing how to hide your sources. - Albert Einstein
    17. Re:Thank God.... by gorzek · · Score: 2

      Exactly. If people lose all their data in /home because they downloaded and ran a malicious program, they aren't going to care one whit that the underlying OS wasn't compromised. All they're going to think is, "This Linux crap isn't as secure as I was told!" Unless it actually does protect people from doing stupid things to their own data/user space, it's not going to matter how secure the underlying platform is.

    18. Re:Thank God.... by laughingcoyote · · Score: 3, Insightful

      And if you go look at the source code, you can find plenty of these exploits, I presume? I'll look forward to hearing about them with interest.

      The fact that bad guys can find a bug means good guys can find it too. Ultimately, that makes the whole platform more secure. Not perfectly secure, and there's no such thing, but awfully good.

      But feel free to repeat that old canard about using open source all over. In the meantime, those of us who depend on real machines with real security will use *nix, unless given absolutely no choice.

      --
      To fight the war on terror, stop being afraid.
    19. Re:Thank God.... by bbtom · · Score: 2

      I went to a machine the other day and found the user's password on a post-it note.

      That's common enough, right?

      Except he was in /etc/sudoers. Not any more.

      I'm instituting a new security policy: if you leave your password on a post-it note, you lose sudo. If I find your password on a post-it note again, I get to hit you on the head with a hammer. Eventually it will stop.

      --
      catch (HumourFailureException e) { e.user.send("You, sir, are a humourless idiot."); }
  2. Someone who RTFA by DMiax · · Score: 2

    Could you tell me how a *scam* targets an OS? I thought the Nigerian Prince thing was cross platform...

  3. Android app store now rejecting apps by goombah99 · · Score: 2, Interesting

    I see in the news that the Android app store is now rejecting apps. The apps rejected were ones that downloaded other apps. Thus they were vectors for invasive software. Or at least potentially so. Likewise Moto is locking down droid with a re-incarnating system rom and apoptotic immune system. Apple has been heavily criticized for its app store restrictions. But to me all these moves are a great idea. I don't want my phone to be so versatile that I have to constantly be vigilant. Someday I might work up the nerve to let it function as a credit card. I definitely want to see years of virus/trojan-free operation before I try that.

    If I wanted a toy I could program as I wish I'd buy one of those. But please let there be some severely locked down phones before we all get telephonically transmitted diseases.

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:Android app store now rejecting apps by Spad · · Score: 2

      Rejecting apps because they're potential malware vectors (or outright malware) - Fine
      Rejecting apps because they offend your delicate sensibilities or the menu bar is the wrong shade of teal, at least for this week - Less Fine

    2. Re:Android app store now rejecting apps by icebraining · · Score: 4, Interesting

      I don't see any problem with the Android App Store restrictions because you can choose to install packages from other sources if you choose. So, if you like feeling safe, don't mess with it. If you don't like the restriction, enable out of store installations.

      Motorola's eFuse, on the other hand, seems nothing more than a way for them to control your phone; I don't see how it protects you.

    3. Re:Android app store now rejecting apps by kellyb9 · · Score: 2

      I don't necessarily see the comparison between Android locking down its app store to potential malware versus the Apple app store locking down its store because they don't like apps that are in "poor taste". One is clear cut censorship and the other is meant as a preventative security measure.

  4. Re:That's part of the protection. by gazbo · · Score: 4, Interesting

    Best part of a decade ago there was a Windows email virus (forget which one, sorry) that did rather well for itself. In order to avoid detection, it spread by email in a password protected zip file. In order to become infected, the user had to open the zip by typing in the randomly generated password given in the email, extract the executable within, then run it.

    It was then that I realised there will never be a technical solution that makes more than a dent in malware infections.

  5. Macs are still no mans land by ub3r+n3u7r4l1st · · Score: 3, Insightful

    Common myth still spreading around that Macs do not have viruses. Majority of its users still do not have anti-virus software of any kind.

    The pioneer who goes in first, strikes the gold.

    1. Re:Macs are still no mans land by lurch_mojoff · · Score: 2

      This has been the case throughout the whole of the last ten years and we've been eagerly awaiting said pioneer for at least 4-5 of them. Still nothing. I'm starting to suspect that there is actually no gold and that the only ones who haven't figured it out yet are some of the folks on Slashdot.

    2. Re:Macs are still no mans land by Alrescha · · Score: 2

      "Common myth still spreading around that macs do not have viruses."

      Myth? Please point to a current Mac virus.

      A.

      --
      ...bringing you cynical quips since 1998
    3. Re:Macs are still no mans land by andrewagill · · Score: 2

      Why not just install Sophos' free version for Mac?

    4. Re:Macs are still no mans land by alien9 · · Score: 2

      A couple weeks ago I was told by Mom that her Mac had got a 'virus'... I was amused until I went there and saw that actually it was Sophos antivirus for Mac which had detected Windows malware she downloaded from rogue email... lol

    5. Re:Macs are still no mans land by 99BottlesOfBeerInMyF · · Score: 2

      Going through your list we have: 1) proof of concept never in the wild and no threat; 2) failed virus that doesn't actually work, requires a user to untar and run the app, then fails to propagate except on the local LAN if the user is an admin with specific changes to their configuration and which by all accounts never went anywhere after being posted to a forum; 3) trojan; 4) trojan.

      I'm sure there are more, but I think I've answered your request.

      None of those are current viruses. Only two of them are viruses at all, the first a proof of concept never released and without a payload and the second barely a virus at all, usually called a trojan and a complete failure. Neither are ever likely to be seen by a user.

    6. Re:Macs are still no mans land by 99BottlesOfBeerInMyF · · Score: 2

      Ok ok, I just did a quick search. Here's a whole page [securemac.com] of vulnerabilities.

      Vulnerabilities != viruses. Realistically, to date more Mac users have been compromised by faulty antivirus software than have had problems because of viruses.

      The point is that OSX, nor any platform, is completely without flaws and impossible to infect.

      That's a straw man argument. No one said it was.

      As I'm sure several people have pointed out, as OSX becomes more prevalent, you'll see people working harder to develop malware.

      That's quite likely, but doesn't support the conclusion that they will be successful enough to impact the average user.

      And no, I'm not a Windows fanboi. I have several computers with OSes ranging from XP to Haiku, including OSX. To say that a Mac is unable to get a virus is like Hitler saying his army didn't need cold weather gear in Siberia.

      Neither MacOS nor Linux is immune to viruses, but to date the security measures implemented by both OS's have been sufficient to make the threat a non-issue for the vast majority of users. I hypothesize that this has more to do with the fact that Apple and Linux developers lose money when there are significant security issues, while Microsoft, with monopoly influence on the desktop OS market, has less motivation to actually create working solutions. I don't see the malware problem for OS X, Linux, Android, iOS, or really anything other than Windows getting nearly as bad as it is for Windows users today.

  6. To be more precise : Which Linux ? by DrYak · · Score: 2

    Yeah, but just one question :

    Will they please target the Linux platform

    Which of the gazillion of different flavours of Linux should they target ?~
    And on which CPU : the traditional Intel-derived architecture ? The ARM on which it seems to be selling like hot cakes ?~
    Oh, you meant that diversity is actually part of the Linux' strategy to be more resistant ?!?

    More seriously :
    Serious software developers are constantly complaining that it's hard to write closed-source binary blobs that target the whole Linux nebula.
    (As opposed to open-source, which is easier to custom patch and compile, and can be adapted to various flavours by the distribution package authors or 3rd parties).
    And that's regular software which is supposed to only exhibit normal and usual behaviour.

    Now just imagine the mess that would be trying to write trojans that have to rely on exploits and other dirty hacks, in order to gain the sweet "Root" privilege and to stay stealthy.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  7. Re:OH NOES A STRAW MAN!!! by GameboyRMH · · Score: 2

    Your argument that my argument is a straw man is a straw man. Many Google results for something does not mean that thing is common, correct, or even exists at all.

    By creating this recursive strawman loop you are sucked into the straw man universe, where you are a sex slave to splintery straw men for the rest of eternity.

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  8. Re:That's part of the protection. by TheLink · · Score: 2

    Yeah. The same users on a "Desktop Linux" (or even OSX) system would be happy to "perl bunnies", "python snake", "ruby jewels" or even chmod 755 sexy.jpg; ./sexy.jpg, and get just as pwned.
