The Deadly Duo: Spam and Viruses, February 2007

• Tweet
• Buffer

Advertising is found to be the leading category for URLs containing malicious code, 80 percent of which are hosted in the U.S., according to the "Web Security Trends Report: Q1 2007" released by Finjan.

"As commercial interests continue to drive e-crime, malicious code is more likely to be hosted on local servers in the U.S. and U.K. than in countries with less-developed e-crime law enforcement policies," the report says.

The "Internet Security Threat Report," released by Symantec, notes a shift in Internet attack activity from status-oriented attacks to attacks motivated by criminal activity. URLs are a target; attackers are discovering and exploiting medium-severity vulnerabilities in third-party applications such as Web applications and Web browsers.

A report released by Microsoft identified Web spam continues to be a major disseminator of unwanted messages and malware. The report states an increase of phishing, spam, bot networks, Trojans, and zero-day threats across the Web.

Threats may be appearing on the Web, but spam has gone up 222 percent since November 2005; 125 percent of the increase occurred within the last six months. E-mail-borne attacks in January and February focused mainly on propagating botnets (define) to fuel future attacks.

Data volumes in February grew to more than 17 terabytes within a 24-hour period, and average spasm blocked per day rose to more than 1 billion.

In its first malware miscellany report, Kaspersky Lab issued awards for the greediest and most pernicious Trojans and programs. Trojan-Spy.Win32.Banker.zd was judged the greediest Trojan targeting banks; Trojan-Spy.Win32.Banker.z was found to be the greediest Trojan targeting e-payment systems; and Backdoor.Win32.Neodurk.13 was the greediest program targeting plastic cards.