Fortinet Reports High Risk Threats
Fortinet has announced top 10 most reported high-risk threats for March 2007.
The threats are:
1. W32/Netsky.P@mm : Mass mailer : 4.62.
2. W32/Bagle.DY@mm: Mass mailer : 4.44.
3. HTML/Iframe_CID!exploit:Exploit: 3.93.
4. W32/Grew.A!worm Worm : 2.87.
5. W32/Istbar.PK!tr.dldr :Downloader: 1.63.
6. W32/Everda!tr Rootkit 1.56
7. Adware/Solutions180:Adware : 1.31
8. W32/Istbar.PK!tr.dldr Downloader: 1.63
9. W32/Everda!tr Rootkit: 1.56
10. Adware/Solutions180 Adware: 1.31
The list shows a wide-spread phishing attempt against a new financial institution, the return of 180Solutions Adware, along with an unusual entry, the Everda rootkit. Fortinet adds that the rootkit is used to hide file and registry information by patching the kernel service descriptor table.
As with any emerging rootkit technology, Everda can cause issues with host-based antivirus or antispyware software, since rootkits are harder to detect once installed.
Most notable this month, the Fortinet Global Security Research Team discovered a new instance of a MySpace “phisher worm”, originally reported in November 2006.
The original phisher worm is spread largely by social networking, through individuals unwittingly promoting rogue MySpace login pages by the way of bulletins (messages to all their friends).
The rogue site would then steal the user’s login credentials, and a server-side program on the rogue server would distribute the initial message to friends of the freshly phished user.
Fortinet claims that the latest variant was likely seeded using an available database of stolen profiles that hackers either bought or gathered via a previous phishing operation. They further state that the seemingly safe MySpace.com profiles have been covered with a transparent clickable image to direct visitors to a phishing page.
“Although the specific MySpace.com phisher worms pose immediate danger only to the site’s users, it is a reminder of the threats that exist within popular Web 2.0 communities, as well as the threat to steal financial, business and medical, as well as personal information.”, claims Lovet.
- CXOs Still Wary Of Cloud Data Security: Study
- More Customer-Facing Firms Will Use Chatbots In 2-3 Years
- AI, Cloud, IoT To Have Huge Impact On Semicon Revenue: KPMG
- PNB Scam: Some Tech Lessons For Indian Banks
- Why Financial Sector CIOs Should Get On Top Of Machine Learning
- Smart Cars Can Be The Next Big Thing For Indian IT Firms, Says Study
- Unnecessary Security Cordons Make Fintech More Vulnerable
- Using RPA For Greater Accuracy, Efficiency In Business
- E-Commerce Payment Market To Reach USD 135 Bn By 2023: Study
- Direct Co-ordination With CEO Can Maximise Cyber Security