
Bitdefender web trend report for 1H09

BitDefender UK : 06 August, 2009  (Technical Article)
Malware and spam are adapting to online behavioural trends, according to BitDefender's report on the first half of 2009
According to BitDefender, malware writing is becoming increasingly professional - shaped after corporate models. BitDefender's latest malware and spam survey from January through to June 2009 shows a sharp rise in HTML newsletter-impersonating spam and Web 2.0 phishing attempts.

During the first six months of 2009, malware writers have continued their efforts to infect computer users in order to receive direct financial gain and/or to seize control over their machines. According to the report, Trojan-type malware is on the rise, accounting for 83 percent of the global malware detected in the wild.

While Trojans were the most active e-threats in the last six months, the notorious Downadup Internet worm caused the most damage to users. Downadup managed to infect a record number of computers worldwide (about 11 million) and made headlines in most, if not all, computer magazines and mainstream media. Targeting systems with unpatched MS08-067 vulnerabilities, the worm can send itself from a computer it has already infected to any clean computer on the same network and looks to gain access to file shares. Although Microsoft issued an out-of-cycle patch for the vulnerability, the infection is still in the wild, with hundreds of systems compromised on a daily basis.

Vlad Vâlceanu, head of BitDefender Antispam Research Lab said, "The Internet is one of the most important communications vehicles - used for business, schooling and leisure. It has also become a channel for criminals to gain access to a vast number of computer systems, financial data and information. Cybercriminals are not going to stop looking for ways to enhance their e-threats, which is why it is essential for computer users to make sure they have a security solution in place that can provide them with advanced, proactive protection."

BitDefender found that during the last six months, the most active countries in terms of malware were China, France and the United States, followed by Romania, Spain and Australia.

World's Top 10 Malware from January-June 2009

1 Trojan.Autorun.Inf 31
2 Win32.Worm.Downadup 13
3 Trojan.Wimad 13
4 Trojan.SkimTrim.HTML.A 11
5 Trojan.Agent.AKXM 10
6 Trojan.Autorun.AET 7
7 Worm.Autorun.WHG 5
8 Packer.Malware.NSAnti.1 4
9 Trojan.Spy.Agent.NXS 3
10 Trojan.JS.PZB 3

In terms of media and techniques, BitDefender analysts determined a continuing trend in text-based spam, which reached 80 percent this year compared to 70 percent for the same period in 2008. Additionally, image spam increased 150 percent since the first half of 2008. Incorporated via HTML newsletter-impersonating spam, downloadable images are included in a strategy developed by spammers to trick users into accepting images blocked by the email client and, at the same time, to bypass spam filters by slightly modifying the image's color palette.

Spam messages advertising pirated/OEM software products also increased dramatically compared to the same period last year. According to the statistics provided by the BitDefender Antispam Research Lab, software spam accounted for about 3 percent of worldwide spam. By June 2009, unsolicited email related to software products became one of the top five spam threats and accounted for 5 percent of the total spam messages sent worldwide.

The top 10 types of content most promoted through e-mail spam in the first half of 2009 are:

1 Medicine Spam
2 Phishing Links
3 Loans/Mortgage
4 Malware Attached
5 Product Spam/Knockoff
6 Software/OEM
7 Pornography (non dating)
8 Dating Websites
9 Employment
10 Tie between Academic Diploma and Online Casino

From January through to June 2009, phishing messages reached an alarming threshold of 7 percent of the spam messages sent worldwide. As expected, the most receptive countries in terms of phishing are the United States, Canada and the United Kingdom - three English-speaking countries. However, Russia is another significant source of phishing messages, mostly because of its lax legislation regarding cyber-crime, as well as the country's current unemployment rate.

The phishing landscape is continuously evolving and morphing, including a rise in Web 2.0 phishing techniques. Social network user accounts are key elements for carrying out subsequent attacks on other network users. However, since respectable service providers have tightened security in order to protect their users' personal info, attackers have developed fake login pages in an attempt to get genuine user login credentials.

BitDefender Labs have found that most Web 2.0 phishing attempts in the first half of 2009 relied on social engineering schemes and exploited user naivety. The Twitter Porn Name scam is a good example. Users were invited to reveal the name of their first pet, as well as the first street on which they lived. These names are usually employed as backup/security questions. An e-crook possessing a person's username along with these "clues" can easily retrieve a password that he or she can later employ to access the account and send spam, access transactions, or use the account in whatever way necessary to make a profit, including demanding a ransom for release of the hijacked account.

However, phishers' favorite targets are constant. On average, the most used identities are related to the financial sector, primarily banks and wire transfer institutions.

The top three counterfeit business identities in the first half of 2009 include:

1 Bank of America
2 PayPal
3 Abbey

BitDefender estimates that more than 55,000 users fall victim to phishing scams each month, totaling an impressive 330,000 victims from January through to June 2009. In order to successfully deceive their victims, phishers must impersonate (a.k.a. spoof) the genuine page as accurately as possible. However, while replicating the original webpage is simply a matter of copying and pasting, the spam message usually contains misspelled words and/or negligent formatting.

This is not the case with most of the phishing raids targeting Bank of America. Not only is the text impeccably laid out, but the phishing page has also been crafted with an unusual attention to detail, suggesting that the people responsible for the phishing attacks are a highly organized gang of cyber-criminals.

Vâlceanu commented, "Most importantly, unlike malware, phishing and spam are universal e-threats - they work on any computer, regardless of their operating systems and security patches. Extra caution and a highly-rated antimalware solution with antispam, antiphishing and antimalware modules are a must-have for anyone surfing the web."