SAO PAULO, Brazil--(BUSINESS WIRE)--A single electronic crime syndicate employing advanced malware was responsible for two-thirds of all the phishing attacks detected in the second half of 2009 -- and was responsible for the overall increase in phishing attacks recorded across the Internet, according to a report released today by the Anti-Phishing Working Group (APWG).
“Avalanche's relentless activities led to the development of some very effective counter-measures.”
The report authors found that the Avalanche phishing gang was responsible for some 66 percent of all phishing attacks launched in 2H2009. Avalanche successfully targeted some 40 banks and online service providers, and vulnerable or non-responsive domain name registrars and registries.
"Avalanche's impact was unprecedented," said Greg Aaron, Director of Key Account Management and Domain Security at Afilias and co-author of the study. "This one criminal group was responsible for two-thirds of the world's phishing, and also combined it with sophisticated crimeware distribution. The losses by banks and individual Internet users were staggering."
"Avalanche" is the name given to the world's most prolific phishing gang, and to the infrastructure it uses to host phishing sites. This criminal enterprise perfected a system for deploying mass-produced phishing sites, and for distributing malware that gives the gang additional capabilities for theft.
Rod Rasmussen, founder and CTO of Internet Identity and co-author of the study, said, "Avalanche's relentless activities led to the development of some very effective counter-measures." Rasmussen explained, "The data shows that the anti-phishing community -- including the target institutions, security responders, and domain name registries and registrars -- got very good at identifying and shutting down Avalanche's attacks on a day-to-day basis. Further, a coordinated action against Avalanche's infrastructure in November has led to an ongoing, significant reduction in attacks through April 2010."
Aaron and Rasmussen are reporting their findings today at the APWG's fourth annual Counter eCrime Operations Summit, an international conference for industry and law enforcement professionals who respond to electronic crime and protect consumers and businesses from electronic crime.
The new report also contains analysis of other phishing trends. Key findings and highlights include:
- Phishing uptimes have dropped by a third since 2008. Uptimes are a vital measure of how damaging phishing attacks are, and the drop indicates the success of mitigation efforts.
- The amount of Internet domain names and numbers used for phishing has remained fairly steady over the past two-and-one-half years, a period in which the number of registered domain names in the world has grown.
- The great majority of phishing continued to be concentrated in certain name spaces -- just five top-level domains (TLDs).
The study is available at:
 |
| Start Swiping, Stop Typing and Phishing is Eliminated |
About the APWG:
The APWG, founded in 2003 as the Anti-Phishing Working Group, is a global industry, law enforcement, and government coalition focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing, and crimeware. Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community and solutions providers. There are more than 1,800 companies, government agencies and NGOs participating in the APWG and more than 3,300 members. The APWG's Web site offers the public and industry information about phishing and email fraud, including identification and promotion of pragmatic technical solutions that provide immediate protection. APWG's corporate sponsors are as follows:
AT&T(T), Able NV, Afilias Ltd., AhnLab, AVG Technologies, BillMeLater, BBN Technologies, Blue Coat, BlueStreak, BrandMail, BrandProtect, Bsecure Technologies, Check Point Software Technologies, Cisco (CSCO), Clear Search, Cloudmark, Cyveillance, DigiCert, DigitalEnvoy, DigitalResolve, Digital River, Easy Solutions, eBay/PayPal (EBAY), Entrust (ENTU), eEye, Fortinet, FraudWatch International, FrontPorch, F-Secure, Goodmail Systems, GeoTrust, GlobalSign, GoDaddy, Goodmail Systems, GuardID Systems, HomeAway, IronPort, HitachiJoHo, ING Bank, Iconix, Internet Identity, Internet Security Systems, Intuit, IOvation, IronPort, IS3, IT Matrix, Kaspersky Labs, Kindsight, Lenos Software, LightSpeed Systems, MailFrontier, MailShell, MarkMonitor, Marshall8e6, McAfee (MFE), MasterCard, MessageLevel, Microsoft (MSFT), MicroWorld, Mirapoint, MySpace (NWS), MyPW, MX Logic, NameProtect, National Australia Bank (ASX: NAB) Netcraft, NetStar, Network Solutions, NeuStar, Nominum, Panda Software, Phoenix Technologies Inc. (PTEC), Phishme.com, Phorm, Prevx, The Planet, SIDN, SalesForce, Radialpoint, RSA Security (EMC), RuleSpace, SecureBrain, Secure Computing (SCUR), S21sec, Sigaba, SoftForum, SOPHOS, SquareTrade, SurfControl, SunTrust, Symantec (SYMC), TDS Telecom, Telefonica (TEF), Trend Micro (TMIC), Tricerion, TriCipher, TrustedID, Tumbleweed Communications (TMWD), Vasco (VDSI), VeriSign (VRSN), Visa, Wal-Mart (WMT), Websense Inc. (WBSN) and Yahoo! (YHOO).
Contacts
APWG
Peter Cassidy, 617-669-1123
pcassidy@antiphishing.org
http://www.antiphishing.org
or
Afilias
Heather D. Read, 215-706-5777
hread@afilias.info
http://www.afilias.info
or
Internet Identity
pr@internetidentity.com
253-590-4100
http://www.internetidentity.com
Peter Cassidy, 617-669-1123
pcassidy@antiphishing.org
http://www.antiphishing.org
or
Afilias
Heather D. Read, 215-706-5777
hread@afilias.info
http://www.afilias.info
or
Internet Identity
pr@internetidentity.com
253-590-4100
http://www.internetidentity.com
Permalink: http://www.businesswire.com/news/home/20100512005973/en/APWG-Report-Finds-Single-Electronic-Crime-Syndicate
