CC image courtesy of Harland Quarrington
Computer security firm McAfee has highlighted the role of the dark web malware industry as an enabler of high-profile point-of-sale (POS) attacks and data breaches.
The dark web made headlines last year after Ross Ulbricht, founder of the online drug market The Silk Road, was arrested.
Earlier in the year the Federal Bureau of Investigation (FBI) shut down dark web hosting company Freedom Hosting for allowing sites to support child pornography.
McAfee detailed the ease with which individuals could acquire POS malware from dark web markets in its McAfee Labs Threats Report: Fourth Quarter 2013 report.
“The fourth quarter of 2013 will be remembered as the period when cybercrime became ‘real’ for more people than ever before,” said Vincent Weafer, senior vice president for McAfee Labs.
The company said the number of digitally signed malware samples tripled over the course of 2013.
McAfee said the sudden increase in malware is due to the abuse of content distribution networks, which wrap malicious software within digitally signed, otherwise legitimate installers.
“McAfee Labs believes this accelerating trend could pose a significant threat to the long-established certificate authority (CA) model for authenticating “safe” software,” the company said.
“The impact of these attacks will be felt both at the kitchen table as well as the boardroom table. For security practitioners, the ‘off the shelf’ genesis of some of these crime campaigns, the scale of operations, and the ease of digitally monetising stolen customer data all represent a coming of age for both Cybercrime-as-a-Service and the ‘dark web’ overall,” said Weafer.