home
 











Attacks & vulnerabilities
Fortinet Announces Top Reported Threats for June 2007  
July 2007   

Fortinet announced the top 10 most reported high-risk threats for June 2007. The report, compiled from all FortiGate™ multi-threat security systems in production worldwide, is a service of the Fortinet Global Security Research Team.

June 2007’s top 10 threats, as determined by the degree of prevalence are: Rank Threat Name Threat Type % of Detections
1 W32/Dialer.PZ!tr Trojan 13.43
2 W32/Bagle.DY@mm Mass mailer 10.05
3 W32/Netsky.P@mm Mass mailer 7.11
4 HTML/Iframe_CID!exploit Exploit 5.90
5 W32/ANI07.A!exploit Exploit 3.52
6 W32/Grew.A!worm Worm 3.50
7 W32/Bagle.GT@mm Mass mailer 2.43
8 W32/Sober.AA@mm Mass mailer 1.98
9 W32/Stration.JQ@mm Mass mailer 1.89
10 W32/Sality.Q Virus 1.75

The June top 10 highlights the following:
• The Top 10 remains fairly consistent, with Grew.A, Bagle.GT, Sober.AA, Stration.JQ and ANI07.A keeping similar relative positions.
• New to the top ten is Sality.Q coming in at the bottom to fill the void left by the departure of the BankFraud.E phishing attack from the Top 10.

• ANI07.A, a mainly web-based exploit, is more notable this month since the vulnerability has been patched yet continues to maintain last month’s pace.

The most notable threat in the June top 10 is Dialer.PZ, as the bot-embedded dialer once again takes the reigns, besting W32/Bagle.DY@mm and Netsky.P@mm. Last month the Fortinet Global Security Research Team reported on the life cycle of W32/Dialer.PZ!tr, which spanned from dynamic design, assembly line manufacturing and intelligent statistic reporting to geographic deployment strategy and payload. W32/Dialer.PZ!tr kicked off June exactly where it left off last month, streaming primarily across Mexico and the USA at a torrential pace thanks to the continued aggressive distribution campaign. The threat has been spotted in many other regions across the globe as well. “These seasoned malware creators seem to have been inspired by the prospects of an infectious summer, and as a result have been busy packing,” said Derek Manky, Fortinet security research engineer. “Rest assured, however, these attackers are not packing their bags to leave for a summer vacation — they have merely wrapped up their malicious creation in a package which they hope will not be inspected by the cyber sentries while trying to cross over virtual borders.”

Manky also reports that the malware creators had changed a component in their creation process by packing W32/Dialer.PZ!tr with a new variation of the popular run-time packer UPX. The first recorded sample stamped by the malware creators using this new packer was created on June 21, 2007.

To read the full June report, please visit:
http://www.fortiguardcenter.com/reports/roundup_jun_2007.html.

July 2007  
comment



Google











 
ADMIN ::: site web et template SPIP ::: Oxymium :::         
IT security solution(s), IT security , anti virus, IT security protection, virus, job offer/employment , network security news, network security , IT security magazine, virus alert, special report on IT security/IT security feature, IT security project, biometry, telecom network security, spyware security/spyware protection, trojan information, trojan, IT intrusion, spam, email security, anti-spam software, firewall security/firewall protection, firewall, telecom security, hackers/cyber criminals, trojan horse, storage, SAN, FNA?, IT backup