Symantec Global internet Security threat report
Range of Prices
$0–$600 plus 50%–60%
Credit card information
Bank account credentials
Credit card dumps
Website administration credential
Table 5. Goods and Source: Symantec
services advertised on underground
While there was a decline in credit card advertisements in 2009, it is likely that they will continue to be a significant factor in the underground economy. With the wide availability of the previously mentioned crimeware kits, it is becoming easier for neophytes to operate in the online underground economy. this will likely increase the availability of credit cards on underground economy servers.
As government agencies and industries in many countries increase their efforts to combat malicious code activity, that activity is increasingly shifting to emerging countries with rapidly growing internet infrastructures. Meanwhile, some emerging countries may experience an even greater influx of malicious activity due to the aforementioned increased ease of mounting attacks for neophyte cybercriminals. that said, it is critical to note that, just because attackers are relocating malicious activities such as phishing hosts, bot networks, and spam zombies to other countries, these attacks can still be directed at targets anywhere worldwide.
targeted attacks against enterprises have been occurring for some time now. However, during 2009 a large-scale targeted attack occurred that brought these types of incidents into the spotlight.30 the wide- scale reporting of this attack impelled many organizations to re-examine their security postures and mitigation strategies against zero-day vulnerabilities.31 Symantec believes it is likely that targeted attacks of this nature will continue to play a large part in the threat landscape in the near future.
Financially motivated attacks against both enterprises and individuals remain a large part of the threat landscape. the underground economy continues to flourish even while the mainstream economy begins recovering from the financial crisis. Many cybercriminals have shifted their efforts toward creating kits they can sell to new entrants in the underground economy. this enables relatively inexperienced attackers with little technical knowledge to mount attacks without too much difficulty. As these developments make it easier for more attackers to enter into the online underground economy, Symantec expects attacks against Web browsers and malicious code variants installed through these attacks to increase. this increases the importance of reputation-based security techniques and other technologies that act to catch malicious code beyond simple signature-based detection.