
Cybercriminals Shifting Focus To Non-Windows OSes

Posted by CmdrTaco
from the diversification-strategy dept.
Orome1 writes "In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to a new Cisco report. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in 'money muling,' and that users continue to fall prey to myriad forms of trust exploitation."
  • Thank God.... (Score:4, Insightful)

    by Lumpy (12016) on Thursday January 20, 2011 @11:13AM (#34939742) Homepage

    Will they please target the Linux platform so we can prove once and for all to all the Windows lovers that the underlying architecture protects better than the Windows design?

    • Re:Thank God.... (Score:4, Insightful)

      by Anonymous Coward on Thursday January 20, 2011 @11:16AM (#34939786)

      That's not really as true anymore, though. I'm not sure if this is the article I read on it, but http://www.pcadvisor.co.uk/news/index.cfm?newsId=3235498

      Also, even if the underlying architecture protects better... you can't protect people from their own stupidity. They will *absolutely* find ways to infect their machines with malware even if it requires becoming root.

      Fucking users.

      • They will *absolutely* find ways to infect their machines with malware even if it requires becoming root.

        The more steps the user has to complete, the more likely that they will fail to install the malware on their system.

        90% success with a single step is only 81% success with two steps (of 90% success each).

        Three steps (90% success each) is only 73% success.

        And that's not even counting the various worms that won't work because the systems do not ship with services listening for them by default.

        You will NEVE

        • by gazbo (517111) on Thursday January 20, 2011 @11:51AM (#34940206)
          Best part of a decade ago there was a Windows email virus (forget which one, sorry) that did rather well for itself. In order to avoid detection, it spread by email in a password protected zip file. In order to become infected, the user had to open the zip by typing in the randomly generated password given in the email, extract the executable within, then run it.

          It was then that I realised there will never be a technical solution that makes more than a dent in malware infections.

          • by TheLink (130905)
            Yeah. The same users on a "Desktop Linux" (or even OSX) system would be happy to "perl bunnies", "python snake", "ruby jewels" or even chmod 755 sexy.jpg; ./sexy.jpg, and get just as pwned.
      • by gorzek (647352)

        Exactly. If people lose all their data in /home because they downloaded and ran a malicious program, they aren't going to care one whit that the underlying OS wasn't compromised. All they're going to think is, "This Linux crap isn't as secure as I was told!" Unless it actually does protect people from doing stupid things to their own data/user space, it's not going to matter how secure the underlying platform is.

    • by Spad (470073) <slashdot@sp[ ]co.uk ['ad.' in gap]> on Thursday January 20, 2011 @11:16AM (#34939796) Homepage

      Not until you get an equal number of people using Linux who are determined to see the dancing bunnies.

    • Re:Thank God.... (Score:5, Insightful)

      by Monkeedude1212 (1560403) on Thursday January 20, 2011 @11:17AM (#34939806) Journal

      What makes you think they haven't?

      What you've described would be completely unmeasurable - because the only way you can properly measure exploits is when they are successful. There is no way to distinguish between failing to exploit Linux and not attempting to exploit it at all.

    • by Mike Mentalist (544984) on Thursday January 20, 2011 @11:18AM (#34939812) Homepage
      Stallman? Is that you?
      • Re:Thank God.... (Score:5, Informative)

        by oodaloop (1229816) on Thursday January 20, 2011 @11:28AM (#34939930)
        Yes, Richard Stallman is, to his close friends, also known as Lumpy.
      • by eugene2k (1213062)

        Can't be. He wrote "Linux" without the GNU/ prefix.

    • by Pojut (1027544)

      Look. I support Linux as much as the next guy. Hell, I use it on two of my four systems. That being said, I hold no illusions that Linux would remain as secure as it is today were its use as widespread as Windows...nor would it remain as secure once you get Grandpa Joe and Soccer Mom Jennifer using it daily (i.e. super widespread adoption, increasing the number of people targeting it.)

      I'm not saying Linux isn't secure...I'm saying there is no way you can compare the security of an OS that barely holds 1%

      • "Barely holds 1% of the market"

        Really? I'd like to know where you get your stats from. According to numerous sources, including W3's OS Statistics ( http://www.w3schools.com/browsers/browsers_os.asp [w3schools.com] ) DESKTOP Linux users number about 5%, and that doesn't include the VAST number of servers.

        Linux in the server market outnumbers Windows. http://en.wikipedia.org/wiki/Usage_share_of_operating_systems [wikipedia.org] In the last few months "Linux/unix and variants" passed 50% of ALL server use.

        with most of the people in Internet Security working on a

        • by Pojut (1027544)

          1%, 5%...it's still nowhere near the number of Windows desktops out in the wild.

      • Re:Thank God.... (Score:5, Insightful)

        by Tubal-Cain (1289912) on Thursday January 20, 2011 @11:46AM (#34940146) Journal
        Apache holds 50% of the webserver market, often on Linux. Much more valuable targets than a generic PC.
        • by Tim C (15259)

          But how do you steal my credit card and bank details by hacking some random webserver?

          More to the point, the vast majority of Windows exploits are trojans. Those webservers are (mostly) maintained by sysadmins unlikely to execute the "shocking pics.zip.exe" file someone emailed them unexpectedly.

      • by mjm1231 (751545)

        Purely anecdotal, but I purchased a netbook for my 13 year old daughter about a year ago. It came with Windows 7 starter edition. I believe the very first thing we did was install an antivirus program, most likely AVG or Avast. After owning it for two days, it was infected with a virus, so I installed Ubuntu netbook edition. There were a few minor glitches (wireless drivers required a patch, adding new fonts is so convoluted that I had to create a script for that) but otherwise she has used it without comp

        • by Pojut (1027544)

          Again though, you're comparing a widely-used operating system to a barely-used operating system (from a desktop perspective, at least.) The number of people targeting Linux PCs is quite likely to be exponentially smaller than the number of people targeting a Windows PC.

        • My sister would pick up a virus at least once every two months on Windows, since switching her to Linux in 2007, not one. In fact I've only had to help her with it twice since, once to install a gstreamer codec (all through the GUI) and once to set up Skype and its audio levels.

          And she's running Firefox with Flash and Java support and she never updates the thing.

          To give you an idea of how good she is at finding malware, one time she took an out-of-date XP laptop I used for LAN gaming to use at school and br

      • by Lumpy (12016)

        Linux/Unix/Solaris/BSD holds 70% of the server market.

        Those are the computers that matter, that hold keys to large kingdoms and large caches of valuable information.

        Why hack janet's pc to get a single CC number when I can hack the Linux servers at A corporation and get 10,000+ credit cards that are all verified for me.

        Don't you even try the fake argument that Linux and Unices are not a target. They are a bigger target than all of the Windows universe combined.

        Getting a nasty running on a root DNS se

      • by DrJimbo (594231)
        Pojut said:

        I'm saying there is no way you can compare the security of an OS that barely holds 1% of the market to the most widely used OS on the entire planet.

        Please see this post [slashdot.org]:

        Will they please target the Linux platform so we can prove once and for all to all the Windows lovers that the underlying architecture protects better than the Windows design?

        Slashdot warning:
        Deep recursion in thread "Cybercriminals Shifting Focus To Non-Windows OSes" at post "Re:Thank God..." .

    • by TheLink (130905)
      Uh they do take over Linux servers regularly. The architecture isn't better.

      As for desktops, if you somehow get Joe Schmoe to run an arbitrary executable[1] on either platform, Joe Schmoe's confidential data will be at risk, or his machine can be turned into a spam sending zombie. So no big difference. Whether the executable gets root/admin is irrelevant for many criminal purposes.

      Linux servers tend to be more useful targets than Linux desktops. I also wonder whether there are more Linux servers than Linux
      • [1] Doesn't have to be an executable in the chmod sense of the word- perl Makefile.PL on a malicious Makefile.PL will still get you screwed.

        Actually a lot of apps that have this design vulnerability are addressing the problem. For example recent versions of WINE won't run an .exe unless it's set as executable.

    • First, the report is not principally about platforms targeted but about types of criminal scams. But the secondary aspect is the one sensationalized by the reporter. Second, there is a big difference between "target" and "victim lying upside down on the floor waving its legs feebly in the air".

    • Yeah, but just one question :

      Will they please target the Linux platform

      Which of the gazillion of different flavour of Linux should they target ?~
      And on which CPU : the traditional Intel-derived architecture ? The ARM on which it seems to be selling like hot cakes ?~
      Oh, you meant that diversity is actually part of the Linux' strategy to be more resistant ?!?

      More seriously :
      Serious software developers are constantly complaining that it's hard to write closed-source binary blobs that target the whole Linux nebula.
      (As opposed to open-source, which is ea

    • Uh. Please tell me how we'd know that they had targeted a Linux machine? I appreciate your idea but are you certain you thought it through? For surely the only notice we'd have of their work were if they succeeded in exploiting it. This conundrum is surely similar to that of proving God exists. Faith in security like faith in God kinda revolves around the notion of "no news is good news" wherein if you do not hear of exploits your faith may remain strong, but hear of one and the house comes tumbling do

    • by Simon80 (874052)
      I don't know if this is really true. After an exploit of e.g. Firefox or Flash player, an attacker can just put a keylogger into my session. If they also want root, they only need to wait for me to type my password into a terminal emulator. It's not exactly what I would call secure.
    • It's been targeted for years. Just not on the desktop. Linux's largest problem is MISCONFIGURATION by incompetent admins (and there are a lot of them as it gains in popularity ... I inherited a bunch of that responsibility recently). Windows exploits, OTOH, are largely attacks against problems with the software itself. The only thing a competent admin can do in that situation is wait for the patch, or hope there is another mitigation.

  • Could you tell me how a *scam* targets an OS? I thought the Nigerian Prince thing was cross platform...
    • Scam includes schemes with dishonest elements. My best example for you is the one a few stories back about hackers embedding code into job interview resumes. The results differ depending on the OS "targeted". If you are running Xfce on Slackware with ultra custom mods derived from the Species 8472 from Star Trek scriptwriter manuals, you'll laugh at malware.

      If you're a typical overworked cube dweller running Win2000 you'll get hosed.

      • Scam includes schemes with dishonest elements. My best example for you is the one a few stories back about hackers embedding code into job interview resumes. The results differ depending on the OS "targeted". If you are running Xfce on Slackware with ultra custom mods derived from the Species 8472 from Star Trek scriptwriter manuals, you'll laugh at malware.

        If you're a typical overworked cube dweller running Win2000 you'll get hosed.

        If you are a typical cube dweller running Win2000 you already are hosed.

      • And it has been fine-tuned towards the desired victim.

        If the scam was targeting people running ultra custom mods derived from the Species 8472, they would simply make specific adjustments.
        And only in that last execution part of the scam. The entire play up to that point stays the same.

        And besides the fact that "running ultra custom mods derived from the Species 8472" relies on security through obscurity, let us not forget that Species 8472 were defeated through use of malware.
        I.e. Borg nanoprobes specifical

  • by goombah99 (560566) on Thursday January 20, 2011 @11:22AM (#34939862)

    I see in the news that the android app store is now rejecting apps. The apps rejected were ones that downloaded other apps. Thus they were vectors for invasive software. Or at least potentially so. Likewise Moto is locking down droid with a re-incarnating system rom and apoptotic immune system. Apple has been heavily criticized for its app store restrictions. But to me all these moves are a great idea. I don't want my phone to be so versatile that I have to constantly be vigilant. Someday I might work up the nerve to let it function as a credit card. I definitely want to see years of virus/trojan free operation before I try that.

    If I wanted a toy I could program as I wish I'd buy one of those. But please let there be some severely locked down phones before we all get telephonically transmitted diseases.

    • by Spad (470073)

      Rejecting apps because they're potential malware vectors (or outright malware) - Fine
      Rejecting apps because they offend your delicate sensibilities or the menu bar is the wrong shade of teal, at least for this week - Less Fine

    • by icebraining (1313345) on Thursday January 20, 2011 @11:35AM (#34940006) Homepage

      I don't see any problem with the Android App Store restrictions because you can choose to install packages from other sources if you choose. So, if you like feeling safe, don't mess with it. If you don't like the restriction, enable out of store installations.

      Motorola's eFuse, on the other hand, seem nothing more than a way for them to control your phone; I don't see how it protects you.

    • by kellyb9 (954229)
      I don't necessarily see the comparison between android locking down its app store to potential malware versus the Apple app store locking down its store because they don't like apps that are in "poor taste". One is clear cut censorship and the other is meant as a preventative security measure.
    • by migla (1099771)

      If I wanted a toy I could program as I wish I'd buy one of those. But please let there be some severely locked down phones before we all get telephonically transmitted diseases.

      Well, I for one, would still want the prerogative to install whatever from wherever.

      Sure, a "locked down", malware-free repository is a good thing, but there is no need to restrict my freedom to fuck up with 3rd party software if I want to.

      If I want to be safe, I'll just not use any unaudited third party apps.

    • Apple has been heavily criticized for its app store restrictions. But to me all these moves are a great idea.

      For me it's a great idea, as long as it's not mandatory.

      In Apple's case, it's bad because there's no other choice. You only have the walled garden mode. And for everything else, you have to rely on exploits to root your very own phone.

      In HP/Palm Pre & WebOS's case it's good because out-of-the-box you have 2 choices:
      - Joe six pack will happily use the phone in its current state, the walled garden protecting him from the dangers of the homebrew world.
      - Advanced users will simply type a specific and docume

  • The CISCO report highlights growth in Apple's reported patched vulnerabilities. But it seems to me that a theoretic vulnerability is not the same as an actual real-world exploit. This is particularly true when there's a zero-day exploit that causes 'badguy code' to run. If that code runs in a non-privileged account and therefore can't accomplish its intent, does that count as an actual problem?

    I'm not trying here to push the "Macs are better" argument, but rather explore the question of how we measure vu

  • "Cybercriminals Shifting Focus To Non-Windows OSes"
    Ugh... I've been playing too much Shadowrun apparently, because this headline brought on all sorts of odd imagery.
  • by ub3r n3u7r4l1st (1388939) * on Thursday January 20, 2011 @11:52AM (#34940222)

    Common myth still spreading around that macs do not have viruses. Majority of its users still do not have anti-virus software of any kind.

    The pioneer who goes in first, strikes the gold.

    • This has been the case throughout the whole of the last ten years and we've been eagerly awaiting said pioneer for at least 4-5 of them. Still nothing. I'm starting to suspect that there is actually no gold and that the only ones who haven't figured it out yet are some of the folks on Slashdot.
    • by Alrescha (50745)

      "Common myth still spreading around that macs do not have viruses."

      Myth? Please point to a current Mac virus.

      A.

      • Does a trojan count?

        securemac.com [securemac.com] should probably be told that they are completely useless, as there is nothing for them to fight against.

        • No, since the user is the one fooled into installing it. As long as people are able to install software on their machines you will not stop trojans, regardless of the OS, unless we are talking about stock iOS. We are talking about self replicating, self installing viruses.

          Now, I would like that Apple kill the "open safe files automatically" in Safari and spend more time in the OS install process to teach basic security procedures to new users to be a happy customer.

          • by Bengie (1121981)

            Self replicating and self installing virii? I think Win7 has 1 or two of those. Everything else requires the user to install it. Even then, those 1-2 virii still require admin privs.

      • Myth? Please point to a current Mac virus.

        Here [about.com], here [about.com], here [about.com], and here [wikipedia.org].

        I'm sure there are more, but I think I've answered your request.

        • Going through your list we have: 1) proof of concept never in the wild and no threat; 2) failed virus that doesn't actually work, requires a user to untar and run the app, then fails to propagate except on the local LAN if the user is an admin with specific changes to their configuration and which by all accounts never went anywhere after being posted to a forum; 3) trojan; 4) trojan.

          I'm sure there are more, but I think I've answered your request.

          None of those are current viruses. Only two of them are viruses at all, the first a proof of concept never released and with

          • Ok ok, I just did a quick search. Here's a whole page [securemac.com] of vulnerabilities. The point is that OSX, nor any platform, is completely without flaws and impossible to infect. As I'm sure several people have pointed out, as OSX becomes more prevalent, you'll see people working harder to develop malware. And no, I'm not a Windows fanboi. I have several computers with OSes ranging from XP to Haiku, including OSX. To say that a Mac is unable to get a virus is like Hitler saying his army didn't need cold weather gear
            • Ok ok, I just did a quick search. Here's a whole page [securemac.com] of vulnerabilities.

              Vulnerabilities != viruses. Realistically, to date more Mac users have been compromised by faulty antivirus software than have had problems because of viruses.

              The point is that OSX, nor any platform, is completely without flaws and impossible to infect.

              That's a straw man argument. No one said it was.

              As I'm sure several people have pointed out, as OSX becomes more prevalent, you'll see people working harder to develop malware.

              That's quite likely, but doesn't support the conclusion that they will be successful enough to impact the average user.

              And no, I'm not a Windows fanboi. I have several computers with OSes ranging from XP to Haiku, including OSX. To say that a Mac is unable to get a virus is like Hitler saying his army didn't need cold weather gear in Siberia.

              Neither MacOS nor Linux is immune to viruses, but to date the security measures implemented by both OS's have been sufficient to make the threat a non-issue for the vast majority of user

        • An OS 9 virus, a PowerPC/10.4 trojan, a proof of concept virus and a trojan that uses social engineering to scam $39.99 from unsuspecting users that also need to explicitly download and install it. That's the best you managed to find? It's like saying old unpatched releases of BIND are insecure and installing random software from the internet is a bad idea.

      • For a virus to be acceptable for use on an Apple computer it must be current? Talk about elitist.

        Also, doesn't your computer have internet on it? [google.com]

      • by Bengie (1121981)

        Or the myth that running Windows will get you virii. Been Virii/Malware free for 12 years on Windows, 10 of those 12 years without active virus scanners and the past 2 years with MSE1/2.

        Tip, don't run all your apps as admin and don't install every program you see.

    • Why not just install Sophos' free version for Mac?
    • Pics or it didn't happen. I have yet to see an actual OS X virus in the wild.

      Trojans, sure. Anytime you have L-series users, you'll have trojans. But an actual virus?

      Show us what you got.
    • Common myth still spreading around that macs do not have viruses.

      Other common myths: water is wet and the sun is bright.

    • by alien9 (890794)
      A couple of weeks ago I was told by Mom that her Mac had got a 'virus'... I was amused until I went there and saw that actually it was Sophos antivirus for Mac which had detected Windows malware she downloaded from a rogue email... lol
    • Poking a Mac is the near equivalent of poking a *NIX system. Given the popularity of Macs I suspect we're only having our faith in *NIX further validated. *NIX was here before M$ and will be here long after. I have no doubt there have been and will be many, many failed pioneers.
    • however I am not one to open e-mails from people I do not know, nor am I one who would just type in his system password when prompted.

      Unfortunately based on several local user group meetings I know a lot of people who would do both. First and foremost because they are utterly convinced in their superiority to PC users and OS X's immunity to viruses, after all if they harm OS X Apple would provide a virus program.

  • At least on my Windows PC, I have enough experience and knowledge dealing with Viruses and such that I have a reasonably good idea if my computer is infected. Common sense, using the right apps and such help reduce the threat.

    I don't have the experience or knowledge of handling this with my Smartphone (Blackberry). I'm more concerned given the sensitivity of the data that I exchange on this platform - personal and business calls as well as e-mail that I don't know what adequate protections to use on the pho

  • The Year of the Linux Desktop!
