Bots represent over 60 percent of all website traffic. This means that the majority of your website traffic could be coming from Internet bots, rather than humans. A bot is a software application that runs automated tasks over the Internet. Bots can be put into two categories, “good” and “bad.” Good bots visit websites to perform jobs, like search engine crawling, website health monitoring and website vulnerability scanning. Bad bots perform malicious tasks such as, DDoS attacks, website scraping and comment spam.
Tag: Internet Bots
Remember Heartbleed, that age-old bug that only surfaced last year and left more than half of all internet servers around the world exposed? Looks like we might have yet another Heartbleed on our hands. This one has been codenamed Shellshock and experts are already saying that it could impact millions of Unix systems that operate on Linux or Mac IOS. And may even threaten consumer devices including home routers.
It’s been a good time for malware and its authors, but a very bad time for businesses and especially those caught in a malware snare. A variety of point of sale (PoS) malware has run rampant through thousands of business and retailers in just the last few months, creating a massive haul of stolen credentials for hackers worldwide. And making consumers a very nervous bunch.
The latest victim is Home Depot, which only just announced that it had lost at least 56 million customer credit and debit cards to hackers who used a variant of PoS malware that’s growing in popularity amongst criminals — because it apparently works very well.
So many malware threats, so little time. We’ve rounded up the eight most dangerous malware threats every business needs to be aware of.
1. Banking Trojans
From Citadel to Zeus, banking Trojans have proven to be some of the most potent and profitable malware tools. This malware focuses on stealing bank account logins, which in turn can be used to steal whatever is in those accounts. It is believed that Zeus alone has been used to steal more than $120 million from compromised accounts.
2. Backdoor Trojans
Backdoor Trojans are designed to give hackers the very same access and rights to a computer or network as the administrator in charge of managing them. Which means hackers can do a lot of damage over an extended period – from stealing information and deleting files to changing passwords and modifying security settings.
Keyloggers have once again become a favored tool of cybercrooks. They’re designed to steal anything that’s typed on a keyboard and even on a touch screen. In recent tests, only one of 44 of the most popular antivirus software products in current use was able to detect even the simplest keylogger.
Ransomware like Cryptolocker is also on the rise, and researchers claim that the malware has been so successful in making money for its creators that it’s likely to spawn lots of copycats. Ransomware makes money by encrypting all the data on an infected computer and then charging a fee or ransom to release that data back into the custody of its owners. One small cyber gang is believed to have made more than $27 million using Cryptolocker.
5. Exploit Kits
Exploit kits can include Trojan downloaders and droppers and are really the road crew of the malware industry. Their job is not so much to commit the crimes but set them up. Once installed on a victim computer or network, they give the criminals the options of what kind of malware they want to upload. In 2013, the Blackhole Exploit Kit was most commonly used to deliver the Zeus banking Trojan.
Bots are tiny pieces of malware, at least compared to their malware cousins described above. And unlike their cousins, they’re not specifically designed to attack the host computers they infect. Instead, bots take control of the infected computers, sometimes millions of infected computers at a time, to assist in other crimes. Those crimes could be to share or hide stolen information, distribute child pornography, or attack other computers.
7. Drive-by Downloads
Drive-by downloads, like APTs, are not really malware but attacks designed to help malware. They don’t necessarily break into the bank, just cut the hole in the roof for others to climb through. Vulnerable websites are infected with malware that’s not designed to attack the website itself, but to spread the malware to visitors to that site. Once recent report found that crooks now prefer to spread malware through websites versus email by a ratio of 5-1 because it’s much more effective.
8. Advanced Persistent Threats
Advanced Persistent Threats, or APTs, may not really be a type of malware either but a type of attack that usually involves malware. And usually the most sophisticated kind. APTs have been growing in popularity because they work, and get their name because the attackers will often pick very specific targets and attack them relentlessly over a long period and using some very sophisticated attack tools. Some companies and even individuals targeted by APTs have been attacked as often as thirty times in thirty days.
Constant vigilance and layers of security are your best defense against malware. It’s much more cost-effective to put security in place proactively rather than react after an attack. SiteLock’s website security solutions can find and even automatically remove malware, as well as block malicious traffic from accessing your website in the first place. Call our security experts today at 877.563.6200. We are available 24/7 to help.
Who is visiting my website?
There are two basic categories of traffic that visit your website – humans and bots. An invaluable benefit of the TrueShield web application firewall is being able to differentiate, not only between these two basic groups, but also to separate the good bots from the bad. Bots get a bad rap, since most people associate them with cyber attacks. But if it weren’t for the search engines using bots to index your website, your site would never appear in a search and all your SEO efforts would be wasted. These are the good bots, and if your website application firewall is blocking them you could be hurting your online business instead of protecting it. SiteLock ensures that these bots are able to access your site and do their job for you. Knowing more about your visitors also enables you to spend smarter when it comes to marketing dollars, and to provide your advertisers with the most accurate numbers. When it comes to your website traffic (and, well, pretty much everything else in life), knowledge is power.
With all the movies and TV series focused on zombies lately, many of us seem to have zombies on the brain. Think they don’t actually exist? Oh but they do – in the form of business and personal computers compromised with malicious software capable of engaging all kinds of nasty behavior.
Networks of zombie computers are called botnets, and many experts believe that botnets now represent the single biggest cyber threat, to businesses and to consumers: