Trend Micro has published a report into Shellshock, the critical vulnerability that threatened more than half a billion servers and devices worldwide during the third quarter.
“Our findings confirm that we are battling rapidly moving cybercriminals and evolving vulnerabilities simultaneously,” said Raimund Genes, CTO of Trend Micro. “Understanding that cybercriminals are finding vulnerabilities and potential loopholes in every device and platform possible will help us confront these challenges so technology can be used in a positive way.”
The surprising discovery of the Shellshock vulnerability emerged after going unnoticed for more than 20 years, suggesting the likelihood of more long, undiscovered vulnerabilities lurking within with operating systems or applications.
Trend Micro also noted that vulnerabilities in mobile platforms and apps are also proving to be a greater challenge. As in previous quarters, the report cites that significant and critical vulnerabilities were found in mobile platforms, such as Android.
Exploit kits were highly used in web platforms and provided cybercriminals another resource to compromise victim’s systems.
Also, in an effort to steal credit card information and money, cybercriminals are targeting large retailers’ point-of-sale (PoS) systems to execute massive data breaches. This ongoing practice further indicates that PoS networks are highly accessible and vulnerable.
Cyber thieves also used updated versions of older versions of popular malware and online banking malware to successfully target victims.
The United States tops the list of countries with the most PoS malware, ransomware, malicious URL sources and visits to malicious sites. Trend Micro said government institutions were reported to be the most targeted organizations.