Fortinet Reports High Risk Threats
Fortinet has announced top 10 most reported high-risk threats for March 2007.
The threats are:
1. W32/Netsky.P@mm : Mass mailer : 4.62.
2. W32/Bagle.DY@mm: Mass mailer : 4.44.
3. HTML/Iframe_CID!exploit:Exploit: 3.93.
4. W32/Grew.A!worm Worm : 2.87.
5. W32/Istbar.PK!tr.dldr :Downloader: 1.63.
6. W32/Everda!tr Rootkit 1.56
7. Adware/Solutions180:Adware : 1.31
8. W32/Istbar.PK!tr.dldr Downloader: 1.63
9. W32/Everda!tr Rootkit: 1.56
10. Adware/Solutions180 Adware: 1.31
The list shows a wide-spread phishing attempt against a new financial institution, the return of 180Solutions Adware, along with an unusual entry, the Everda rootkit. Fortinet adds that the rootkit is used to hide file and registry information by patching the kernel service descriptor table.
As with any emerging rootkit technology, Everda can cause issues with host-based antivirus or antispyware software, since rootkits are harder to detect once installed.
Most notable this month, the Fortinet Global Security Research Team discovered a new instance of a MySpace “phisher worm”, originally reported in November 2006.
The original phisher worm is spread largely by social networking, through individuals unwittingly promoting rogue MySpace login pages by the way of bulletins (messages to all their friends).
The rogue site would then steal the user’s login credentials, and a server-side program on the rogue server would distribute the initial message to friends of the freshly phished user.
Fortinet claims that the latest variant was likely seeded using an available database of stolen profiles that hackers either bought or gathered via a previous phishing operation. They further state that the seemingly safe MySpace.com profiles have been covered with a transparent clickable image to direct visitors to a phishing page.
“Although the specific MySpace.com phisher worms pose immediate danger only to the site’s users, it is a reminder of the threats that exist within popular Web 2.0 communities, as well as the threat to steal financial, business and medical, as well as personal information.”, claims Lovet.
- Adobe, Microsoft, SAP Team Up For Open Data Initiative
- Millennials and Cybersecurity: Understanding the Value of Personal Data
- Microsoft, DSCI Team Up To Fill The Women In Cybersecurity Gap
- Email Based cyberattacks Continue To Soar: Study
- How Make in India Can Lead The World With Disruptive Innovation
- Poor Router Security Makes Indians Vulnerable To Cyber Attacks
- What's BitLocker’s Role In Encryption And Compliance?
- Why 4 out of 10 Security Alerts Go Attended Daily In India?
- Key Technologies Redefining Human Resources
- Research Reveals AI Is Creating More 'Human Friendly' Workplaces