Shellshock threat makes a comeback in Q3: Trend Micro

Trend Micro’s latest quarterly security report indicates that the critical vulnerability known as Shellshock threatened more than half a billion servers and devices worldwide.

Shellshock was notable last quarter because it was not considered an attack surface prior to its discovery, the report said.

Weeks before Shellshock was found, a hardcoded backdoor was found in Netis routers that allowed cybercriminals to easily run arbitrary code.

Exploit kits were heavily utilized last quarter, with FlashPack and Nuclear exploit kits seen in August and September, respectively.

Another noteworthy vulnerability was in a WordPress plugin and led to the compromise of the Gizmodo Brazilian regional site along with two different news websites.

Google Chrome users were targeted by a malicious extension, which led to a chain of downloaded and dropped files that use legitimate-sounding file names like flash.exe.

Online banking fraud (by Trend Micro)

“Our findings confirm that we are battling rapidly moving cybercriminals and evolving vulnerabilities simultaneously,” said Dhanya Thakkar, managing director, India & SEA, Trend Micro. “With this fluidity, it’s time to embrace the fact that compromises will continue, and we shouldn’t be alarmed or surprised when they occur.”

“Understanding that cybercriminals are finding vulnerabilities and potential loopholes in every device and platform possible will help us confront these challenges so technology can be used in a positive way,” Thakkar added.

The surprising discovery of the Shellshock vulnerability came after it had gone unnoticed for more than 20 years, suggesting the likelihood of more long-undiscovered vulnerabilities lurking within operating systems or applications, the report said.

Vulnerabilities in mobile platforms and apps are also proving to be a greater challenge. Critical vulnerabilities are found in mobile platforms such as Android. Exploit kits were highly utilized in Web platforms and provided cybercriminals another resource to compromise victims’ systems.

Although Google has released patches for these vulnerabilities, these do not always reach the majority of users because mobile patch deployments rely on device manufacturers and telecom providers, Trend Micro said.

Threat actors are targeting large retailers’ Point-of-Sale (PoS) systems to execute massive data breaches. This ongoing practice further indicates that PoS networks are highly accessible and vulnerable.

PoS malware infection (source: Trend Micro)

Early this year, one of the largest retail companies in the U.S. disclosed that approximately 40 million consumer credit and debit card information was compromised as a result of a breach in its systems, the report said.

Rajani Baburajan
