Fortinet Announces Top Reported Threats For May 2007
Fortinet has announced the top 10 most reported high-risk threats for May 2007. May 2007's top 10 threats, as determined by the degree of prevalence, are:
Rank  Threat Name              Threat Type  % of Detections
1     W32/Dialer.PZ!tr         Dialer       9.66
2     W32/Bagle.DY@mm          Mass mailer  7.43
3     W32/Netsky.P@mm          Mass mailer  7.15
4     HTML/BankFraud.E!phish   Phish        6.54
5     HTML/Iframe_CID!exploit  Exploit      5.97
6     W32/Sober.AA@mm          Mass mailer  5.52
7     W32/Stration.JQ@mm       Mass mailer  4.15
8     W32/ANI07.A!exploit      Exploit      3.68
9     W32/Grew.A!worm          Worm         3.20
10    W32/Bagle.GT@mm          Mass mailer  2.73
Though phishing threats topped the list in past malware reports, Fortinet threat researchers reported something rather unique in May with the strong surge of W32/Dialer.PZ!tr. This marked the first time that a malware threat resulting from the combination of a bot and a dialer showed such high activity, reaching the top position of Fortinet's threat list.
W32/Dialer.PZ!tr is designed to dial premium long distance numbers; however, like all bots, it may also download, execute and upgrade components. W32/Dialer.PZ!tr was primarily reported throughout Mexico and the United States, with Europe and Africa being the destination locations for the calls.
Because the dialer requires an analog modem, it can be assumed that cyber criminals targeted Mexico due to the country's high use of dial-up modems, and the United States for its high population. Malware such as this, in which a bot embeds a dialer, is particularly rare, and in this domain the volume of W32/Dialer.PZ!tr is unprecedented. Fortinet threat researchers believe the introduction of this malware can possibly be linked to the rise of bots and the global DSL-isation of personal Internet connections, which also triggered the extinction of the dialers.
Other notable malware that occurred in May included a resurgence of the well-known mass mailer Sober in the form of W32/Sober.AA@mm, which witnessed the highest amount of activity since January 2006. Additionally, similarly to last month, W32/Stration.