. Updated Daily. Editions SDA India   SDA Indonesia
BUSINESS ENTERPRISE SOLUTIONS ARCHITECTURE INFORMATION SECURITY WIRELESS & MOBILITY DATA & STORAGE DEVELOPMENT HARDWARE













News

Tuesday, 4 December 2007

Top 10 Threats for November 2007
 

 

With the holiday season just around the corner, a spike in malicious online advertising and sophisticated Internet threats have been noticed according to a threat report released by Fortinet.

The report, which was was released by late last month, also highlighted the emergence of new adware such as TCent and Bdsearch.

An example of the increasing sophistication of malware is Stration.JQ, which relies on an advanced social engineering strategy based on dual attachments. While the email received by end users aims at misleading them by providing instructions for personal account access, the innovation lays in the attachments: an “authorization module”, which is in fact Stration.JQ, coupled with a PDF attachment containing financial information such as an invoice, a fee analysis, etc. The content of the email and PDF are both intended to stir the user’s curiosity and make the request sound legitimate, therefore tremendously increasing the click-through rate of the mass mailer. Unfortunately, any user opening the "authorization module" will turn her/his computer into a bot.

“Hacking legitimate site content to host malicious code has become very common. This month, many trusted Internet sites were unwittingly ‘hosting’ flash advertisements injected with encrypted redirects, forcing users to visit other sites once the ad was displayed. More determined efforts to conceal malware using trusted sources are likely to be made as we enter into the busy holiday season of December,” said Derek Manky, security research engineer at Fortinet.

“Examples of adware such as Clicker.AC illustrate the trend in what is becoming the blend between malware and grayware and further emphasizes the need for threat awareness, not only from the end user’s perspective, but also for corporations and their affiliates.”

The top 10 most reported high-risk threats for November 2007 were:

1. W32/Netsky!similar
2. HTML/Iframe_CID!exploit
3. HTML/Clicker.AC!tr
4. W32/ANI07.A!exploit
5. W32/Stration.JQ@mm
6. W32/MyTob.CJ@mm
7. W32/Bagle.DY@mm
8. W32/Grew.A!worm
9. Adware/TCent
10. Adware/Bdsearch

 
 
print save email comment

print

save

email

comment
 
 

Search SDA Asia

Free eNewsletter
SDA Asia Magazine Free Download
 
 
 
Copyright @ 2008 SDA Asia Magazine - All Right Reserved Privacy Policy | Terms of Use