In the face of diminishing returns from ransomware and cryptojacking, cyber criminals are switching to alternative money-making methods, such as formjacking, warns Symantec
Symantec’s latest Internet Security Threat Report (ISTR), based on data from its Global Intelligence Network, which records events from 123 million attack sensors in more than 157 countries, states that every month more than 4,800 unique websites are compromised with formjacking code that steals shoppers’ payment card details.
Growth in formjacking has coincided with reduced ransomware activity (infections down 20%) and cryptojacking activity, in which cyber criminals harness stolen processing power and cloud CPU usage from consumers and enterprises to mine cryptocurrency (infections down 52%).
This, says Symantec, is primarily due to declining cryptocurrency values and increased adoption of cloud and mobile computing, which have rendered attacks less effective.
That said, the report does warn that the same security mistakes that were made on PCs during their initial adoption by enterprises are now occurring in the cloud, with more than 70 million records stolen or leaked from poorly configured S3 buckets in the last year alone.
There are numerous tools that allow attackers to identify misconfigured cloud resources on the internet, while hardware chip vulnerabilities like Meltdown, Spectre and Foreshadow put cloud services at risk of being exploited to gain access to the protected memory spaces of other companies’ resources hosted on the same physical server.
The report also warns about the risks to privacy posed by smartphones, which Symantec describes as “arguably the greatest spying device ever created – a camera, a listening device and location tracker all in one that is willingly carried and used wherever its owner goes”.