TrendLabs 'Threat Trends 2010' - a very interesting report!

[~BD~]

The Year of the Toolkit!

The rise of toolkits turned non-techies into hackers; pharmaceutical
spam and mobile threats took center stage in 2010.

Wannabe cybercriminals were able to execute attacks with impunity and
relative ease thanks to toolkits, pre-written software programs designed
to steal information, rendering 2010 “The Year of the Toolkit” according
to Trend Micro threat researchers. Toolkits proliferated through mass
social media sites like Twitter throughout the year.

While overall global spam volume decreased, the U.S. received the most
spam with India coming in second, due to the country’s growth in
Internet usage and its use of English in most forms of formal
communication. Europe experienced the highest spike in spam, frequently
written in Spanish and most of which were online casino and gambling themed.

More than 80 percent of the top malware (that caused the most
infections) in 2010 arrived via the web. The majority of malicious URLs
and, consequently, victims of malware infections in 2010 were found in
the U.S. and China.

http://us.trendmicro.com/imperia/md/...10x210-web.pdf

[Bullwinkle.]

"~BD~" <~BD~@nomail.afraid.com> wrote in message
news:fcadnU5uT750pk_QnZ2dnUVZ7oqdnZ2d@bt.com...

[Mike Easter]

~BD~ wrote:
> The Year of the Toolkit!

> http://us.trendmicro.com/imperia/md/...10x210-web.pdf

That is an interesting article, but it is a very poorly 'designed' .pdf.
Very very poor.

They put 2 'actual' pages side by side on each .pdf page, and they chose
a light gray font with very poor contrast with its background.

It would be easier to read if all of the text were extracted. Or
perhaps I will see if Calibre can convert the .pdf to something else
which displays better.


--
Mike Easter

[David H. Lipman]

From: "Mike Easter" <MikeE@ster.invalid>

> ~BD~ wrote:
>> The Year of the Toolkit!
>
>> http://us.trendmicro.com/imperia/md/...10x210-web.pdf
>
> That is an interesting article, but it is a very poorly 'designed' .pdf. Very very poor.
>
> They put 2 'actual' pages side by side on each .pdf page, and they chose a light gray
> font with very poor contrast with its background.
>
> It would be easier to read if all of the text were extracted. Or perhaps I will see if
> Calibre can convert the .pdf to something else which displays better.
>

Nothing wrong with the layout. Kind of reminds me of Briefing Slides.

What matters is the content, not the delivery mechanism, and the delivery mechanism is
straight-forward and legible.

--
Dave
Multi-AV Scanning Tool - http://www.pctipp.ch/downloads/dl/35905.asp

[~BD~]

G. Morgan wrote:
> Mike Easter wrote:
>
>> It would be easier to read if all of the text were extracted. Or
>> perhaps I will see if Calibre can convert the .pdf to something else
>> which displays better.
>
> I didn't see the file, but can't you c&p the text?
>
> Sometimes I "select all"<ctrl+a>, copy<ctrl+c> then open MS Word and
> paste into new document. With word 2010 it works pretty well. Even
> keeping formatting if you choose.
>

*Why* haven't you seen the document, Graham?

It looks good using Safari, smaller font in Google Chrome though.

The content *is* interesting IMO. Did you simply choose not to look?

[G. Morgan]

~BD~ wrote:

>*Why* haven't you seen the document, Graham?

At the time you posted it I was busy.

>It looks good using Safari, smaller font in Google Chrome though.
>
>The content *is* interesting IMO. Did you simply choose not to look?

I looked, even tried to extract the text. I did, but it looks like
****.

It was interesting.

[~BD~]

G. Morgan wrote:
> ~BD~ wrote:
>
>> *Why* haven't you seen the document, Graham?
>
> At the time you posted it I was busy.

Simple as that! Thanks

>> It looks good using Safari, smaller font in Google Chrome though.
>>
>> The content *is* interesting IMO. Did you simply choose not to look?
>
> I looked, even tried to extract the text. I did, but it looks like
> ****.

And yet *you* are the professional! ;-)

Example, FYI ........

Era of Instant Crime

More than anything else, 2010 was distinguished by the full and proper
emergence of toolkits as a means to perpetrate cybercrime. While these
have always been a part of the cybercrime underground, in 2010 they
flourished and became an even bigger part of the overall threat landscape.

Let us take, for example, a typical scenario for malware attacks. Many
systems today are infected when users search for information utilizing
search engines. Sometimes the infection is readily apparent—FAKEAV—at
other times these are silent—banking Trojans. One would think that this
is the work of a skilled hacker but that is not always the case.

Poisoning search engine results—a technique known as blackhat search
engine optimization (SEO)—involves creating Web pages that will be
highly ranked for certain search terms. Doing this manually is tedious
but there are many point-and-click toolkits that automate the whole
process. Tools like XRumer and uMaxSoft Doorway Generator can take
target keywords and can automatically create thousands of the necessary
sites.

Next, a cybercrime gang needs to upload the said pages to sites— either
malicious or compromised. Again, compromising sites one by one is a
tedious process. Toolkits also considerably automate this process,
running the scripts needed to compromise sites en masse. Note that this
process occurs within hours, if not less, after a topic becomes newsworthy.

>
> It was interesting.
>

Phew! That's something, I suppose! <vbg>

[Mike Easter]

~BD~ wrote:

> Example, FYI ........
>
> Era of Instant Crime

<snip pasted text copied from page 2>

Using p2 for more examples. On the R half of page 2, there are 'obscure'
poor resolution screenshots from some kind of malware toolkits.

The best way to see both halves of p2 is to use the hand tool to move
the 100% zoom level page manually from the left to the right, and then
you still can't actually make out what is written in the screenshots.

I don't know the real purpose of using the malware toolkits for
illustration when the graphic is so obscure.

Then, if you similarly try to copy and paste the text from p3, you will
find it to be in 2 columns on the left side of the page and 2 more
columns on the R side of the page.

Dividing the page into 2 halves each with 2 columns is not the best
layout, especially since it requires moving the view from the left to
the right half, or else making the page very short vertically and very
wide horizontally which further compromises the view of the text which
has such poor contrast of slightly darker gray against slightly lighter
gray instead of black on white.

There are 3 more obscure graphics on the two halves of p3, but you /can/
see the name Spy Eye. Big deal.

Another fuzzy graphic is shown of the Facebook Password Hacker toolkit
on p4 which is also unnecessarily divided into two columns on the left half.

If the page weren't made into the awkward 'shape' of two halves which
are too wide horizontally and too short vertically, the relationship
between the optimal column width would be easier to achieve.

This .pdf was not designed with screen display in mind.

Also, if you try copying and pasting from the two column pages, your
results will likely be unpredictable. You might (or might not) have to
do each column separately; 4 C&P per page.


--
Mike Easter

[~BD~]

Mike Easter wrote:
> ~BD~ wrote:
>
>> Example, FYI ........
>>
>> Era of Instant Crime
>
> <snip pasted text copied from page 2>
>
> Using p2 for more examples. On the R half of page 2, there are 'obscure'
> poor resolution screenshots from some kind of malware toolkits.
>
> The best way to see both halves of p2 is to use the hand tool to move
> the 100% zoom level page manually from the left to the right, and then
> you still can't actually make out what is written in the screenshots.
>
> I don't know the real purpose of using the malware toolkits for
> illustration when the graphic is so obscure.
>
> Then, if you similarly try to copy and paste the text from p3, you will
> find it to be in 2 columns on the left side of the page and 2 more
> columns on the R side of the page.
>
> Dividing the page into 2 halves each with 2 columns is not the best
> layout, especially since it requires moving the view from the left to
> the right half, or else making the page very short vertically and very
> wide horizontally which further compromises the view of the text which
> has such poor contrast of slightly darker gray against slightly lighter
> gray instead of black on white.
>
> There are 3 more obscure graphics on the two halves of p3, but you /can/
> see the name Spy Eye. Big deal.
>
> Another fuzzy graphic is shown of the Facebook Password Hacker toolkit
> on p4 which is also unnecessarily divided into two columns on the left
> half.
>
> If the page weren't made into the awkward 'shape' of two halves which
> are too wide horizontally and too short vertically, the relationship
> between the optimal column width would be easier to achieve.
>
> This .pdf was not designed with screen display in mind.
>
> Also, if you try copying and pasting from the two column pages, your
> results will likely be unpredictable. You might (or might not) have to
> do each column separately; 4 C&P per page.
>
>

I agree that your points are valid, Mike - but it may simply be that
things have moved on rapidly with technology in the last five years.

I have no difficulty at all in reviewing the text, and illustrations, in
the format Trend elected to utilise - on my 24 inch iMac screen! <grin>

[Peter Foldes]

"Mike Easter" <MikeE@ster.invalid> wrote in message
news:93g5kuFcahU1@mid.individual.net...
> ~BD~ wrote:
>
>> Example, FYI ........
>>
>> Era of Instant Crime
>
> <snip pasted text copied from page 2>
>
> Using p2 for more examples. On the R half of page 2, there are 'obscure' poor
> resolution screenshots from some kind of malware toolkits.
>
> The best way to see both halves of p2 is to use the hand tool to move the 100%
> zoom level page manually from the left to the right, and then you still can't
> actually make out what is written in the screenshots.
>
> I don't know the real purpose of using the malware toolkits for illustration when
> the graphic is so obscure.
>
> Then, if you similarly try to copy and paste the text from p3, you will find it to
> be in 2 columns on the left side of the page and 2 more columns on the R side of
> the page.
>
> Dividing the page into 2 halves each with 2 columns is not the best layout,
> especially since it requires moving the view from the left to the right half, or
> else making the page very short vertically and very wide horizontally which
> further compromises the view of the text which has such poor contrast of slightly
> darker gray against slightly lighter gray instead of black on white.
>
> There are 3 more obscure graphics on the two halves of p3, but you /can/ see the
> name Spy Eye. Big deal.



There is nothing wrong at this end. Everything is clear and sharp and very readable

--
Peter
Please Reply to Newsgroup for the benefit of others
Requests for assistance by email can not and will not be acknowledged.
This posting is provided "AS IS" with no warranties, and confers no rights.
http://www.microsoft.com/protect