No Summer Vacation for Malware, E-mail Scams

by CXOtoday Staff    Sep 01, 2009


According to Fortinet’s August 2009 Threatscape Report, there was no slowdown in malware activity that is usually executed through spam campaigns during the summer holidays. In fact, increasing levels of software vulnerabilities were marked by critical ‘in-the-wild’ exploits.

The ZBot variant surpassed the single-day run of the Sober worm in 2006, the Storm worm in 2007 and rogue security software in 2008. ZBot variants spread over the Internet on July 24th at record levels. It spread through an HTML e-mail, as an attachment, to steal and sell personal consumer information. An additional ZBot variant even made it to the top 10 malware list. (An online gaming trojan W32/OnlineGames.BBR retained its first place position for the third consecutive month.)

Spam continues unabated, especially through the popular eCard social engineering campaign. E-mails based on the ‘money mule scheme’ still seems to be duping unware users. Fake job advertisements with a legitimate company name also continues to fool victims into believing the e-mail scam. Israel figured in the top five region list for receiving high spam volume. The U.S., Japan and France accounted for the remaining share of detected spam.

Fortinet reported that there has been a rise in the number of critical vulnerabilities since July. Of 168 new vulnerabilities detected, 62 were reported to be actively exploited in the wild. A large portion of these attacked vulnerabilities have been rated as critical. (Critical vulnerabilities indicate a concern for remote code execution, which is an easy way for attackers to gain access to a system.) The network security company also reported that two in-the-wild vulnerabilities in Microsoft Office Web Components (MS09-043) and in Adobe Reader/Flash (APSA09-03) were detected to have consistent exploit activity during this period, as well.

The threat statistics and trends for August are based on data collected from FortiGate network security appliances and intelligence systems that are in production worldwide. The full August Threatscape Report is available on the Fortinet website. Please visit: http://www.fortiguard.com/report/roundup_august_2009.html

Related Articles:
Web Threat Traffic Soars