The Deadly Duo: Spam and Viruses, February 2007
Spam and sites containing malicious code shift from status-oriented attacks to criminal activity.
Advertising is found to be the leading category for URLs containing malicious code, 80 percent of which are hosted in the U.S., according to the “Web Security Trends Report: Q1 2007” released by Finjan.
“As commercial interests continue to drive e-crime, malicious code is more likely to be hosted on local servers in the U.S. and U.K. than in countries with less-developed e-crime law enforcement policies,” the report says.
The “Internet Security Threat Report,” released by Symantec, notes a shift in Internet attack activity from status-oriented attacks to attacks motivated by criminal activity. URLs are a target; attackers are discovering and exploiting medium-severity vulnerabilities in third-party applications such as Web applications and Web browsers.
A report released by Microsoft identified Web spam continues to be a major disseminator of unwanted messages and malware. The report states an increase of phishing, spam, bot networks, Trojans, and zero-day threats across the Web.
Threats may be appearing on the Web, but spam has gone up 222 percent since November 2005; 125 percent of the increase occurred within the last six months. E-mail-borne attacks in January and February focused mainly on propagating botnets (define) to fuel future attacks.
Data volumes in February grew to more than 17 terabytes within a 24-hour period, and average spasm blocked per day rose to more than 1 billion.
| Top Web Filtering Blocks by Category, February 2007 |
|
|---|---|
| Category | Blocked (%) |
| Advertising and promotion | 15.79 |
| Chat and instant messaging | 13.72 |
| Webmail | 11.18 |
| Hosting and IT services | 8.46 |
| Software and hardware | 6.22 |
| Search and portals | 3.86 |
| Music | 3.77 |
| Films and TV | 3.46 |
| Pornography | 3.29 |
| Gambling | 3.17 |
| Source: Postini, 2007 | |
In its first malware miscellany report, Kaspersky Lab issued awards for the greediest and most pernicious Trojans and programs. Trojan-Spy.Win32.Banker.zd was judged the greediest Trojan targeting banks; Trojan-Spy.Win32.Banker.z was found to be the greediest Trojan targeting e-payment systems; and Backdoor.Win32.Neodurk.13 was the greediest program targeting plastic cards.
| Top 20 Viruses, February 2007 | ||
|---|---|---|
| Position | Name | Percentage |
| 1 | Email-Worm.Win32.NetSky.t | 15.82 |
| 2 | Email-Worm.Win32.Bagle.gt | 11.85 |
| 3 | Email-Worm.Win32.Zhelatin.dam | 8.19 |
| 4 | Email-Worm.Win32.NetSky.g | 7.92 |
| 5 | Wmail-Worm.Win32.Zhelatin.o | 6.83 |
| 6 | Email-Worm.Win32.Warezov.ls | 5.03 |
| 7 | Net-Worm.Win32.Mytob.c | 3.72 |
| 8 | Email-Worm.Win32.Zhelatin.u | 3.58 |
| 9 | Email-Worm.Win32.Zhelatin.m | 3.30 |
| 10 | Email-Worm.Win32.NetSky.aa | 3.27 |
| 11 | Email-Worm.Win32.Zhelatin.r | 2.87 |
| 12 | Trojan-Downloader.Win32.Tibs.jr | 2.43 |
| 13 | Email-Worm.Win32.Zhelatin.t | 1.94 |
| 14 | Email-Worm.Win32.Scano.gen | 1.83 |
| 15 | Email-Worm.Win32.Nyxem.e | 1.66 |
| 16 | Email-Worm.Win32.NetSky.b | 1.59 |
| 17 | Packed.Win32.PePatch.gr | 1.52 |
| 18 | Net-Worm.Win32.Mytob.t | 1.39 |
| 19 | Email-Worm.Win32.Bagle.gen | 1.26 |
| 20 | Exploit.Win32.IMG-WMF.y | 1.14 |
| Other malicious programs | 12.86 | |
| Source: Kaspersky Lab, 2007 | ||
