MazelTov and the Russian Underground Have It Going for Your Android Devices. And It's Not for "Good Luck"
The Internet has been a good place for individuals and businesses. However, it's fast becoming a leading medium for criminals in the cyber war against people like you and I. One example is the Russian underground. On their websites, you can find any type of Trojans, exploits, rootkits and fake documents. They also sell for examples Trojans, exploits and exploit bundles, fake documents, and stolen credit cards and credentials. These websites change continually, but you only need to access one of their forums to find where they sell things to commit cyber crime.
One popular malware today costs only $3,000. The name of the malware is MazelTov meaning "good luck" in Hebrew. Unlike the original meaning, MazelTov, a toolkit, is designed to help cyber criminals quickly spread malware to computers, tablets, and mobile phones. Hackers still produce viruses and spyware, but malware is much easier to spread to any device. Spreading malware has become the de facto of cyber crime. A report on the Russian underground from Trend Micro shows how profitable this type of malware for the "black" market and those who purchase them. You can read the report at Security Affairs.
Those who use the MazelTov’s kit can monetize an Android device by installing malware on an Android phone, either to steal the user's money or to take his data and sell it back on this market. According to Security Intelligence, the customers of the toolkit will receive "a package of goodies that include two registered domains, a landing page template to be used as the download site, a method to increase infection rates through social engineering, one-month paid hosting for the server of the malware application and consulting services to get immediate results."
The report also shows how the Russian underground market has grown in the last three years. Buying and selling tools and services to devise security attacks are quite trendy today, fueled by the high adoption rate of Android devices and the easy way to commit crimes on the Internet. Prices have dropped at the Russian underground sites. The Trojan Phoenix that was worth $500 in 2011 is now worth less than $30. The low prices make it even more affordable for anyone with bad intentions to purchase these underground products and services and immediately start their business.
On the contrary, legitimate businesses pay a hefty price. Target, a large US retailer, faced a class action lawsuit by the customers having their credit and debit cards hacked in 2014 and had agreed to pay out $10 million to settle the lawsuit. While many hacks and breaches don't result in lawsuits and fines, they still cost organizations in term of man effort to fix the issues, business loss due to down time, not to mention the loss of their customer confidence and trust.
To know more about how you can protect your valuable data and prevent similar exploits, please send us an email at support@teskalabs.com.
Most Recent Articles
- How big Log Management or SIEM solution does your organization need
- And the winner is...Go!
- Case Study - TeskaLabs SIEM for large Czech government organization
- TeskaLabs helps LINET with cyber security compliance for medical devices
- TeskaLabs and University hospital in Pilsen launches a pilot of zScanner - open source mobile app for medical photo documentation
You Might Be Interested in Reading These Articles
How TeskaLabs Helped O2 Improve Customer Satisfaction of eKasa Point-of-Sale (POS), the Most Successful POS Product / Mobile Cash Register on the Czech Market
In 2016 the Czech government introduced a new law that required businesses to report their sales and provide Electronic Evidence of Sales (EET). This law calls for the adoption of a more modern point-of-sale system that enables businesses to meet regulatory requirements set forth under this law. During the next two years, the law will gradually impact more than three hundred thousand companies in the Czech Republic. O2, the largest integrated telecommunications provider in the Czech market, observed that many would need help complying with this law, maintaining data security and demanding excellent customer support.
Published on August 08, 2017
Five Ways AI And Machine Learning Can Enhance Cybersecurity Strategy
Artificial Intelligence (AI) and its essential component machine learning are causing a stir in practically every industry from marketing to education. It’s no wonder designers and tech developers are finding ways to use the benefits of automated technologies to improve cybersecurity infrastructure and defend against increasingly complex and numerous cyber threats.
Published on June 24, 2020
The World of Mobile Apps Is Not As Secure As You Think
Mobile app startup companies are notorious for cutting corners. One of the first things that is cut is security. After all, they have the big guys like Comcast, AT&T, and Verizon to protect mobile users, right? Wrong! All the way down the line. TechCrunch's article about security for mobile devices is an interesting theory on the state of security on the Internet. Although, they do hit the mark in the article about how companies fix the problem after the fact of the security breach.
Published on January 13, 2015
