GLENDALE, Calif., Nov. 19 /PRNewswire/ — PandaLabs, Panda Security’s malware analysis and detection laboratory, today issued a security alert that reveals a direct correlation between the recent stock market volatility and the growth of new threats. According to PandaLabs, the two are tied together much more closely than previously thought and recent stock market instability has accelerated the volume of targeted cyber attacks and their relative impact on the economy over the last month and a half. In addition, analysts at PandaLabs believe the recent spike in malware could be related to cybercriminals now having fewer possible targets as a result of consolidation within the banking industry.
(Photo: NewsCom: http://www.newscom.com/cgi-bin/prnh/20081022/LAW068-a
“When we began looking into the specific effects cybercriminals had on our economy during times of duress we found a startling connection: the criminal economy is closely interrelated with our own economy,” said Ryan Sherstobitoff, chief corporate evangelist for Panda Security. “Based on our extensive research and analysis of emerging malware patterns, we believe that criminal organizations are closely watching market performance and adapting as needed to ensure maximum profit.”
According to PandaLabs, the new strategy appears to be developed in response to banking industry consolidation brought on by the $700 billion bailout package passed by Congress in early October. As a result of this consolidation, fewer banking entities will exist in the long term and the perception of instability in the financial community makes for a less attractive target. This situation has increased the volume of other types of malware such as adware, which under normal circumstances would be second to Trojans.
“Cybercriminals have to increase their activity to reach more users with campaigns designed to put money directly into their pockets, especially during times of economic instability. For example, we have seen a surge in the number of fake antivirus software scams that trick unsuspecting consumers into making an online transaction, instead of criminals relying heavily on phishing the credentials for banks,” explains Sherstobitoff. “Our data also shows that these fake antivirus campaigns are generating over $14 million in profit each month for the underground economy.”
The following are highlights on PandaLabs’s key findings:
— On average, the US stock market experienced between a 3 to 7 percent decline from Sept. 1st to Oct. 9th. However, activity on the “malware markets” was the opposite: it grew substantially as the stock markets declined.
— From Sept. 5th to 16th, the Dow Jones Industrial Average, NASDAQ, S&P 500 and Composite Index all dropped from the plus 0.0 percent range to approximately negative 3.0 percent or lower. The same timeframe witnessed a significant surge in daily malware threats; for example from Sept. 8th to Sept 10th the volume of daily threats grew from 10,150 to well over 24,000.
— From Sept. 14th to 16th, stock markets dropped from -0.5 to -5.5
percent while daily threats grew from 8,276 on the 14th to over 31,404 on the
The graphs below represent these figures and clearly show that when the markets are doing poorly, cybercriminals are capitalizing on weakened economic states to reap huge financial rewards. For example, Figure #1 shows the general decline of the DJIA, NASDAQ, S&P 500 and the Composite Index for a period of one and a half months and indicates several points of notable loss. When comparing this graph to the malware evolution graph (Figure #2) from Sept. 1st to Oct. 9th, it clearly shows that when the markets are unstable, cybercrime is significantly higher.
Figure #1 – Stock market evolutions (Sept. 1st to Oct. 9th) – source: moneycentral.msn.com
Figure #2 – Threat evolutions with key highlights (Sept. 1st to Oct. 9th) – source: PandaLabs
“As evidenced by this compelling data, there will be no end to the persistence and pervasiveness of cybercriminals and their attempts at exploiting malware for financial gain,” said Sherstobitoff. “Regardless of the economic state we’re in, cybercriminals are continually adjusting their strategies and, from this evidence, are capitalizing on economic lows to prey on unsuspecting victims. By remaining vigilant and aware of these findings, we are better prepared to protect ourselves and the economy from the very real dangers of malware.”
Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.
Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.
More information is available in the PandaLabs blog: http://www.pandalabs.com
About Panda Security
Panda Security is one of the world’s leading IT security providers, with millions of clients around the globe and products available in over twenty languages. Our mission is to keep our customers’ information and IT assets safe from security threats, giving them the most effective protection with the minimum resource consumption.
Every day, thousands of new malicious codes are created. To combat this threat, Panda Security has developed an innovative and unique security model which can automatically analyze and classify thousands of new malware samples. This model is collective intelligence and ensures that Panda Security solutions can protect against far more threats than the products of any other company. The exceptional detection capacity of collective intelligence can be put to the test at the Infected or Not website (http://www.infectedornot.com)
For more information and evaluation versions of all Panda Security solutions, visit our website at: http://www.pandasecurity.com /
SOURCE Panda Security