Web Threat Traffic Soars

by CXOtoday Staff    Jul 10, 2009

Fortinet’s June 2009 Threatscape Report shows dominance and significant growth in Web threat traffic, marked by increased volumes of malware and the highest rate of phishing attacks.

"There were some very noteworthy trends that surfaced in the June report, such as the growing popularity of Web-borne malware, which we see driving the next generation of threats to online services," said Derek Manky, project manager (cyber security and threat research) at Fortinet.

Hackers continue to attempt to drive mass traffic to their threats, utilizing various tactics aided by large online communities, and as a result - more than ever - users should be wary about who and what they trust, added Manky.

Some of the key highlights of the study include:

Making room for Web-borne malware

Bumping the resilient Netsky out of the malware Top 10 list, Zbot variants grabbed top positions in second and third place, with the most active variants - W32/Zbot.M and W32/Zbot.V - spreading keylogging and data siphoning Trojans through fake eCard mail and directing users to malicious sites.

Also contributing to the overall trend of malicious redirects, JS/PackRedir.A jumped 36 positions in the Top 10 list by redirecting visitors to sites containing malicious content in PDF and SWF files. With all of the new activity, online gaming Trojans still maintained top positions, holding tight to number one, while W32/Virut.A grabbed hold of the number four spot, albeit dropping a couple of ranks.

Spam take-down disappoints

Spam levels were unchanged this period, despite efforts to take down the alleged spam-centric network, 3FN/Pricewert.  Many campaigns remained aggressive, including the Canadian Pharmacy gang, which mirrored the efforts of Zbot with a fake eCard hook.

Vulnerabilities and active exploits prove consistency

On par with the May Threatscape Report, threat rates during this period continued to climb. Out of 108 newly-reported vulnerabilities this period, 62 were reported to be actively exploited, indicating an all-time high of 57.4% of active exploits. A majority of overall exploit activity was observed to come out of the US (22.2%).

The FortiGuard research team compiled threat statistics and trends for June based on data collected from FortiGate network security appliances and intelligence systems in production worldwide.