Several security vendors have singled out a major theme during the second quarter and first half of 2010, and from the looks of things, criminals are starting to focus more on delivery and less on diversity.
E-mail becoming a booming Malware delivery method.(IMG:J.Anderson)
AppRiver’s senior security analyst, Fred Touchette, said that out of the 26 billion messages his company blocked for customers, one in 10 contained Malware. Interestingly enough, he also noted that 45 million of those messages were blocked in the last 30 days.
“Spam today is much more than just a nuisance, it is a vehicle for heavy malware distribution,” he said.
AppRiver’s findings jive well with a new report from Trusteer that makes mention of finance-based Malware targeting users in the UK. According to Trusteer, there are two pieces of regional Malware targeting banks in the United Kingdom: Silon and Agent.DBJP.
Silon is found on one in every 500 computers in the UK, Trusteer said, while Agent.DBJP is detected on one in 5,000 computers. Both families of Malware have been seen in the US, but the level of infection is drastically low when compared to the UK base. For example, Silon resides on one in every 500 computers in the UK compared to one in 20,000 in the US, according to Trusteer.
In addition, Trusteer discovered two UK-specific Zeus botnets. Although Zeus is the most known piece of finance-based Malware, the uniqueness of these botnets is that they only consist of UK-based computers and only target UK-based banks. All four families of Malware are spreading via email.
Criminals also latched on to the coattails of major events to spread their malicious messages during the first half of the year. AppRiver noted events such as the earthquake in Haiti, Tax season, and the World Cup as major Spam-related events.
As an aside, Symantec noted that 45 percent of all Spam sent in the month of June was World Cup-related, and AppRiver noted that it started seeing World Cup Spam messages as early as January.
Traditional Virus attacks accounted for 25 percent of all Malware during the second quarter, up from 15 percent over the previous three months. The jump, a report from Panda Labs said, is due to the small segment of Viruses that blur the line, going from typical Virus to a hybrid with Worm-like abilities, spreading itself much faster than normal.
“Today’s threats are blending traditional Virus capabilities, with Trojan, and sometimes Worm-like features. We’re moving from the world of ‘Virus’ and ‘Trojan’ to the all encompassing term of Malware,” said Panda’s Sean-Paul Correll.
Speaking of Trojans, the ever popular method of controlling a victim’s computer remotely was responsible for 53 percent of the Malware detected in the second quarter of 2010 by Panda.
In terms of location, Taiwan retains the number-one position for infection rankings by country, with more than 50 percent of all computers infected globally. Taiwan is followed by Russia and Turkey, which round out the top three places.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Comment on this Story