Crimeware: the silent epidemic

Crimeware: the silent epidemic

Malware evolves to focus on obtaining financial returns

Virus creators are no longer acting out of curiosity or in search of notoriety, but are now looking for financial returns. Previously, the greatest potential danger was the formatting of computers. Nowadays, your money and confidential information is at risk.

Crimeware: an overview.

Crimeware is not a category on its own, separate from other IT threats. It is a collective name used to describe all malware with a common objective: obtaining money or confidential information.

For example, a type of malware usually referred as crimeware are bots. For a better understanding of this threat, you may watch this animation, which discusses bots and botnets.


Why should I be worried crimeware?

The harmful effects of crimeware are:

  • Private data theft.
  • Financial losses through the theft of passwords for accessing online services.
  • Legal problems through the use of the compromised computer by third parties for illicit activities.
  • Identity theft.
  • Intrusion of privacy.
  • Loss of productivity through system slowdowns, operating system errors, etc.
  • Saturation with unwanted advertising: spam, pop-up windows, etc.

The victims of crimeware could be both consumers and businesses. In fact any person or company with an Internet connection, regardless of their characteristics, business sector or interests, could be attacked at any time.

One of the most concerning aspects about this new scenario is precisely the fact that crimeware has been designed to silently compromise systems.

Worse still, the fact that these are customized attacks makes it incredibly difficult for conventional antivirus solutions to detect them.

Moreover, very often these attacks are not reported due to a sense of defenselessness or in order to avoid negative publicity.


What is crimeware?

Crimeware can be defined as the programs and social engineering designed to fraudulently obtain financial gain from either the affected user or third parties.

For a more general perspective, let's look in more detail at the concepts within this definition:


Most crimeware consists of malicious programs designed specifically to:

  • Gather confidential information: credit card numbers, passwords, etc.
  • Register the keystrokes made on a computer.
  • Take control of a computer and execute remote commands.

Social engineering techniques

Social engineering, in this context, involves trying to obtain confidential information from users by tricking them into doing things that their security policy would prevent them from doing.

It's the perfect combination: a carefully selected social engineering ploy convinces users to hand over their data or install a malicious program which captures information and sends it on to the fraudsters.

Fraudulent financial returns

In all cases, the aim of crimeware is to obtain financial returns:

  • Directly, using the stolen information: emptying bank accounts, trading confidential data, etc.
  • Indirectly: for example, through renting botnets.

Affected users and companies

Users and companies whose confidential data is stolen are the main victims of crimeware.

Third parties

However, they are not the only ones affected. For example, in the case of bots, the compromised computer is used merely as a tool to launch illicit operations against third-parties: sending spam, denial of service attacks, distribution of malware, etc.


What is considered crimeware?

There are several categories of malware that, due to their characteristics are considered crimeware, these include:

  • Trojans, especially keyloggers, password stealers and bankers.
  • Bots: allow computers to be controlled through remote orders.
  • Phishing: messages that try to get users to reveal passwords for accessing online services: banks, webmail, etc. These messages can be mass-mailed or sent to specific targets (spear phishing).
  • Adware: displays on-screen advertising.
  • Spyware: collects and transmits information about users' Internet movements.
  • Spam: mass-mailing of advertising.
  • Dialer: redirects dial-up connections to premium-rate numbers.


How can I protect myself from crimeware?

IT security tools

One of the best ways of protecting yourself against crimeware, as well as other potential threats, is to install a security solution with the following features:

  • Services in addition to the product itself: daily updates, tech support, customer services, etc.
  • All the necessary protection technologies:
    • Antivirus.
    • Antispyware.
    • Firewall.
    • Proactive technologies to detect unknown malware by analyzing its behavior (HIPS, Host-based Intrusion Prevention System).


Vulnerabilities and security patches

Download and apply security patches for vulnerabilities in the applications that you have installed. These patches are available from the website of each developer.

Information as a defensive strategy

As in many other areas, information is one of the first lines of defense. Stay up-to-date with news related to crimeware and its methods by visiting reliable security information websites.

Common sense to combat social engineering

How can you use common sense to protect yourself from crimeware? For example:

  • Has an email really come from your bank just because the sender's address says so? NO. The sender's address could be spoofed.
  • Has an email really come from your bank just because it includes the banks logos? NO. The logos are easily obtained on the Internet or copied using a graphic design program.

Imagine you are standing in the street and a stranger in a suit comes up to you, hands you his business card and says he is are an employee of your bank and asks you for your credit card and PIN to carry out a security check.

Would you tell him? Obviously not, at least not without making some kind of independent verification. So why would you blindly trust messages received by email?

Above all, act with caution

  • Scan all emails received with your antivirus, even if you think you know the sender.
  • Don't download programs from dubious Internet sites and make sure that any programs you download are certified by a public organization, editorial group or antivirus company.
  • Pay special attention to any signs of unusual behavior in your computer (increase in file sizes, unusual warnings from Windows, emails from unknown sources or in different languages, etc.)


Panda Security offers various solutions to safeguard your computer from crimeware, as well as from other threats like viruses, hackers or phishing.