Hackers now targeting victims with country and culture-specific malware


Hackers are targeting specific countries with their malware now, new research from security firm Sophos shows.

The security firm analyzed millions of devices worldwide and concluded that malware appears to be more lucrative when it is specifically designed to target certain cultures or countries.

Scams are also getting harder to notice, as hackers now counterfeit different company logos and invoices perfectly. You could be getting an electricity bill or a speeding ticket that is, in fact, a scam attempt.

"You have to look harder to spot fake emails from real ones", said Chester Wisniewski, senior security advisor at Sophos. "Being aware of the tactics used in your region is becoming an important aspect of security".

For example, besides the US or the UK, CryptoWall targets Germany and France, TorrentLocker targets Italy and Spain, and TeslaCrypt targets Singapore and Thailand.

The researchers say these scam emails have perfect spelling and grammar, no matter which language they use.

"Even money laundering is localized to be more lucrative. Credit card processing can be risky for criminals, so they started using anonymous Internet payment methods to extort money from ransomware victims", said Wisniewski.

"We have seen cyber-crooks using local online cash-equivalent cards and purchasing locations, such as prepaid Green Dot MoneyPak cards from Walgreens in the U.S. and Ukash, which is now paysafecard, from various retail outlets in the U.K".

Researchers say there could be multiple reasons why cyber-criminals are targeting specific countries, or why they are leaving specific ones out.

"Cybercriminals are programming attacks to avoid certain countries or keyboards with a particular language", said Wisniewski. "This could be happening for many reasons. Maybe the crooks don’t want attacks anywhere near their launch point to better avoid detection. It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack".

The reasons might not be known, but the practice surely is.

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Photo Credit: andriano.cz/Shutterstock


© 1998-2024 BetaNews, Inc. All Rights Reserved.