Data
released by Microsoft last week underscores the fact that the information criminals
choose to steal varies from country to country. China’s online criminals focus
on stealing the digital keys to popular online games, for example, while
Brazil’s data thieves prefer grabbing victims’ bank account information.
In a blog post published on August 10, Microsoft program manager Scott Wu compared the
worldwide malicious software trends to those of China and Brazil. The top four of
the most popular malicious programs, which closely follow the United States and
European markets, are three fake security software programs and a downloader
that installs fake security software. However, in China, four of the top five
threats are password stealers for online games, and in Brazil, three of the top
four threats are Trojans that steal the usernames and passwords for online bank
accounts.
Advertisement
Microsoft
expects the trend to continue. “As the malware ecosystem [has become] more
reliant on social engineering, threats worldwide have become more dependent on
language and cultural factors,” Microsoft said in an e-mail response to
questions regarding the blog post. “In China, several malicious browser
modifiers are prevalent. In Brazil, malware that targets users of online banks
is widespread. And in Korea, viruses are common.”
This story is only available to subscribers.
Don’t settle for half the story.
Get paywall-free access to technology news for the here and now.
While
legal policy has not quite caught up with rogue security software in the United
States, Microsoft says that social engineering, not legal holes, are what
determines the threat trends.
“Most
likely, the threat landscape varies more because of the possibility of
returns,” says Microsoft. “Rogue security software purveyors will likely
focus on the regions where people are more willing and likely to pay (with a
credit card) for what they think is legitimate security software.”
A comparison between the malicious software prevalent on compromised computers in Brazil and China and those worldwide. (Source: Microsoft)
Most
purveyors of such programs are pursued with a civil lawsuit by the Federal
Trade Commission (FTC), not with criminal prosecution. For example, last year,
the FTC won a $1.9 million judgment against Innovative Marketing, which sold
more than 1 million copies of fake security software for at least $39.95 each.
Only
one of the most prevalent threats in Brazil and China–a program called
Frethog– is also common worldwide. The software steals passwords for popular
games and rankssecond in China, fifth in Brazil and eighth worldwide, according
to Microsoft’s data.
Another
password stealer, called Taterf, is on the top 10 list both in Brazil and worldwide.
It steals credentials for popular online games such as World of Warcraft and Lineage
and ranks second on the top 10 list of malicious software in Brazil and first
on the worldwide list. Finally, the bot programs Rbot and Zlob are on both the
Brazilian list and the worldwide list.
