Children learning to code maliciously, report says

8 February 2013
By Sofia Mitra-Thakur
Mobile version
Share |
Pre-teens are writing malware designed to steal login details from online gamers

Pre-teens are writing malware designed to steal login details from online gamers

A new report has revealed that pre-teens are writing malware designed to steal login details from online gamers.

Anti-virus company AVG released the report which investigated a number of malicious software developments, including the case of a Trojan developed by an 11-year-old child to steal game login information.

AVG said that in a world filled with laptops, tablets and smartphones, today’s children become digitally fluent far earlier than previous generations.

While stealing someone’s game logins may at first seem a minor problem, online gaming accounts are often connected to credit card details to enable in-game purchases, and may also have virtual currency attached to them amounting to hundreds of dollars. 

Furthermore, many gamers unfortunately use the same login details for social networks such as Facebook and Twitter, potentially putting the victim at risk of cyber-bullying, in addition to identity theft and major inconvenience.

“We have now seen a number of examples of very young individuals writing malware, including an 11-year-old from Canada,” said Yuval Ben-Itzhak, chief technology officer at AVG Technologies. “The code usually takes the form of a basic Trojan written using the .NET framework, which is easy to learn for beginners and simple to deploy via a link in an email or posted on a social media page.

“We believe these junior programmers are motivated mainly by the thrill of outwitting their peers, rather than financial gain, but it is nevertheless a disturbing and increasing trend. It is also logical to assume that at least some of those responsible will be tempted to experiment with much more serious cyber-crimes.”

The report also highlighted the increase in mobile malware, particularly of code designed to target Google’s Android operating system.

During the course of 2012, AVG Threat Labs reported on the First Android Rootkit, examples of mobile banking being targeted for attack, malicious apps that send text messages to premium rate services, and Trojan-infected versions of popular games on unofficial app stores, including bestseller Angry Birds Space.

Mobile threats also feature in the Threat Report’s predictions for 2013, notably in the form of increased MITMO (Man-In-The-Mobile) attacks that target PC and mobile Internet banking apps.

Such threats might benefit from the growing BYOD trend, where workers connect their personal mobile devices to company networks.

Alongside the rise in mobile malware, the Threat Labs found exploit toolkits continue to dominate when it comes to online threats.

Almost 60 per cent of all threat activity online was performed by exploit toolkits in 2012.

The use of such kits is believed to be the result of established cyber-criminals realising that they can create and sell commercial toolkits at a premium to less technically savvy peers eager to get into the market. 

One example of a new exploit toolkit which emerged during the last quarter of 2012, and bore a remarkable resemblance to the Blackhole Exploit Kit, was the Cool Toolkit.

This new toolkit accounted for 16 per cent of the top Web threats in Q4 2012, topped only by Blackhole at 40 per cent.

Further information:

Read the full report

Share |

Latest Issue

E&T cover image 1411

"This issue we honour a national hero, and the subject of Benedict Cumberbatch's latest film, codebreaker Alan Turing"

E&T jobs

E&T Marketplace

The essential source of engineering products and suppliers.

Subscribe

Choose the way you would like to access the latest news and developments in your field.

Subscribe to E&T