Skip to main content

Country-specific malware on the rise

Hackers are targeting specific countries with their malware now, new research from security firm Sophos shows.

The security firm analysed millions of devices worldwide and has come up with the conclusion that it seems to be more lucrative if the malware is specifically designed to target certain cultures or countries.

Scams are also getting harder to notice, as hackers now counterfeit different company logos and invoices perfectly. You could be getting an electricity bill or a speeding ticket that is, in fact, a scam attempt.

“You have to look harder to spot fake emails from real ones,” said Chester Wisniewski, senior security advisor at Sophos. “Being aware of the tactics used in your region is becoming an important aspect of security.”

For example, besides the US or the UK, Cryptowall targets Germany and France, TorrentLocker Italy and Spain, and TeslaCrypt Singapore and Thailand.

The researchers say these scam emails have perfect spelling and grammar, no matter which language they use.

“Even money laundering is localised to be more lucrative. Credit card processing can be risky for criminals, so they started using anonymous Internet payment methods to extort money from ransomware victims,” said Wisniewski.

“We have seen cyber-crooks using local online cash-equivalent cards and purchasing locations, such as prepaid Green Dot MoneyPak cards from Walgreens in the U.S. and Ukash, which is now paysafecard, from various retail outlets in the U.K.”

Researchers are saying there could be multiple reasons why cbyer-criminals are targeting specific countries. Or, why they're leaving out specific ones.

“Cybercriminals are programming attacks to avoid certain countries or keyboards with a particular language,” said Wisniewski. “This could be happening for many reasons. Maybe the crooks don’t want attacks anywhere near their launch point to better avoid detection. It could be national pride or perhaps there’s a conspiratorial undertone to create suspicion about a country by omitting it from an attack.”

The reasons might not be known, but the practice surely is.

Photo Credit:

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.