Fortinet Reports High Risk Threats
Fortinet has announced top 10 most reported high-risk threats for March 2007.
The threats are:
1. W32/Netsky.P@mm : Mass mailer : 4.62.
2. W32/Bagle.DY@mm: Mass mailer : 4.44.
3. HTML/Iframe_CID!exploit:Exploit: 3.93.
4. W32/Grew.A!worm Worm : 2.87.
5. W32/Istbar.PK!tr.dldr :Downloader: 1.63.
6. W32/Everda!tr Rootkit 1.56
7. Adware/Solutions180:Adware : 1.31
8. W32/Istbar.PK!tr.dldr Downloader: 1.63
9. W32/Everda!tr Rootkit: 1.56
10. Adware/Solutions180 Adware: 1.31
The list shows a wide-spread phishing attempt against a new financial institution, the return of 180Solutions Adware, along with an unusual entry, the Everda rootkit. Fortinet adds that the rootkit is used to hide file and registry information by patching the kernel service descriptor table.
As with any emerging rootkit technology, Everda can cause issues with host-based antivirus or antispyware software, since rootkits are harder to detect once installed.
Most notable this month, the Fortinet Global Security Research Team discovered a new instance of a MySpace “phisher worm”, originally reported in November 2006.
The original phisher worm is spread largely by social networking, through individuals unwittingly promoting rogue MySpace login pages by the way of bulletins (messages to all their friends).
The rogue site would then steal the user’s login credentials, and a server-side program on the rogue server would distribute the initial message to friends of the freshly phished user.
Fortinet claims that the latest variant was likely seeded using an available database of stolen profiles that hackers either bought or gathered via a previous phishing operation. They further state that the seemingly safe MySpace.com profiles have been covered with a transparent clickable image to direct visitors to a phishing page.
“Although the specific MySpace.com phisher worms pose immediate danger only to the site’s users, it is a reminder of the threats that exist within popular Web 2.0 communities, as well as the threat to steal financial, business and medical, as well as personal information.”, claims Lovet.
- Indians Lack Awareness On Malicious Cryptomining: Study
- Despite Potential, AI Has Many Issues To Be Sorted
- CXOs Struggling To Turn Digital Strategies into Performance
- The Digital Messiah: Inside Accenture's Innovation Hub
- Taming The 3 Dragons of Network Monitoring
- Edge Computing Drives Internet Of Thing's Growth: Study
- Iris Global On Expansion Spree; Ventures Into India's Cyber Security Biz
- Lenovo Promotes Bhaskar Choudhuri To CMO For Asia Pacific
- AI Is The Future of Cybersecurity
- 5 Steps CISOs Can Implement to Enhance Customer Experience