Which is the most popular malware propagation tactic?

Summary: According to Microsoft's recently released Security Intelligence Report, that's socially engineered malware, malware requiring user interaction such as campaigns enticing users into downloading and executing a malicious file.

According to Microsoft's recently released Security Intelligence Report, that's socially engineered malware (scareware pop ups; blackhat search engine optimization attacks), or malware requiring user interaction such as campaigns enticing users into downloading and executing a malicious file.

More propagation tactics:

  • User Interaction required - 44.8%
  • AutoRun USB - 26%
  • AutoRun: Network - 17.2%
  • File Infector - 4.4%
  • Exploit: Update Long Available - 3.2%
  • Exploit: Update Available - 2.4%
  • Password Brute Force - 1.4%
  • Office Macros - 0.3%
  • Exploit: Zero Day - 0%

Based on data the software giant collected from a sample of 600 million systems worldwide, the research positions AutoRun USB infection as the second most popular malware propagation tactic. Microsoft disabled AutoRun by default on Windows XP/Vista in February in order to prevent malware infections. The results, at least according to Microsoft, indicate a significant decline in malware using AutoRun as a spreading mechanism.
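To check whether a given host still leaves the two AutoRun vectors from the list above open, the Windows policy value NoDriveTypeAutoRun can be decoded; the following is an added example, not code from the report or the original post. It assumes the value has already been read from the Explorer policies registry key, and the mapping of the report's "AutoRun USB" and "AutoRun: Network" rows to the removable and network drive-type bits is an assumption made for illustration.

```python
# Added example: decode the Windows NoDriveTypeAutoRun policy bitmask.
# A set bit means AutoRun is DISABLED for that drive type.
DRIVE_BITS = {
    0x01: "unknown",
    0x02: "no root directory",
    0x04: "removable (USB)",
    0x08: "fixed",
    0x10: "network",
    0x20: "cd-rom",
    0x40: "ram disk",
    0x80: "reserved",
}

# Assumed mapping of the report's two AutoRun rows to drive-type bits.
REPORT_VECTORS = {"AutoRun USB": 0x04, "AutoRun: Network": 0x10}


def autorun_enabled_types(value):
    """Return the drive types for which AutoRun is still enabled."""
    if not 0 <= value <= 0xFF:
        raise ValueError("NoDriveTypeAutoRun is a single-byte bitmask")
    return [name for bit, name in DRIVE_BITS.items() if not value & bit]


def exposed_vectors(value):
    """Return the report's AutoRun categories that this setting leaves open."""
    autorun_enabled_types(value)  # reuse the range validation
    return [label for label, bit in REPORT_VECTORS.items() if not value & bit]


if __name__ == "__main__":
    # Constructed sample values, not read from a real host.
    for sample in (0x00, 0x91, 0x95, 0xFF):
        open_vectors = exposed_vectors(sample)
        print(hex(sample), open_vectors or "no AutoRun vector left open")
```

A value of 0xFF disables AutoRun for every drive type; any result that still lists a vector marks a host worth flagging in a configuration audit.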

The report also points out that zero day flaws do not necessarily represent a driving force in the growth of malicious attacks or cybercrime in general. A point -- including several others -- which I already discussed in my article "Seven myths about zero day vulnerabilities debunked".

How well is Microsoft positioned to take advantage of the points presented in the study? For starters, for a second year in a row, Microsoft's Internet Explorer outperforms competing browsers in protecting against socially engineered malware, at least according to studies conducted by NSS Labs. Studies whose methodology I debunked in related posts - "IE8 outperforms competing browsers in malware protection -- again"; "Study: IE8's SmartScreen leads in malware protection".

Now that socially engineered malware is supposedly taken care of, what else is Microsoft missing? It's malware that spreads without user interaction, namely through the exploitation of client-side vulnerabilities in third-party software and browser plugins. That's precisely what the studies from NSS Labs have omitted from their research, especially in times when web malware exploitation kits dominate the threatscape.

What are some of the most common client-side exploits that attackers use through these kits? According to Microsoft:

The most commonly observed type of exploits in 1H11 were those targeting vulnerabilities in the Oracle (formerly Sun) Java Runtime Environment (JRE), Java Virtual Machine (JVM), and Java SE in the Java Development Kit (JDK). Java exploits were responsible for between one-third and one-half of all exploits observed in each of the four most recent quarters.

Consider going through the report here.


Talkback

11 comments
  • RE: Which is the most popular malware propagation tactic?

    There is almost no protection that is foolproof against a fool who downloads a file then executes it on his computer. But we have several incidents EVERY DAY of somebody who does just that.

    Drive-by downloads from compromised websites are the worst, because often there is no clue to the user what actually happened.
    terry flores
  • RE: Which is the most popular malware propagation tactic?

    Probably very similar to automobile crashes ...... The weakest link......The nut behind the steering wheel.
    BananaBoatWireless
  • RE: Which is the most popular malware propagation tactic?

    Well now I know why Java seems to update every week - bug fixes. In the end I just took it off. Only thing I used it for was Minecraft and even that was too slow.
    tonymcs@...
  • RE: Which is the most popular malware propagation tactic?

    LOL, still falls back to the threat between the chair and the keyboard :p
    MrElectrifyer
  • I would say, it's bloggers

    Because they want page hits above all.
    ego.sum.stig
    • True

      @ego.sum.stig@...

      Bloggers and websites with unchecked ad providers seem to be a huge part of this problem. Along with linkbait search result sites. Pirate software sites are also a major source - not always from the downloads, but often with Javascript exploits right on the page. The unfiltered web is becoming a cesspool of infected links. It's no wonder that users are preferring the safety of "the managed web" through mobile apps.
      Joe_Raby
      • RE: websites with unchecked ad providers

        @Joe_Raby

        Which is why Firefox with 'No Script' and 'Ad Block Plus' are a better way to go.
        fatman65536
  • RE: Which is the most popular malware propagation tactic?

    This report won't say it, but what about the most effective malware propagation method of all? Release unimproved alpha or early beta versions with the name "Microsoft" on them, then fix the bugs that the suckers discover for you!
    orangemike
  • RE: Which is the most popular malware propagation tactic?

    The problem is that you get this crap in your emails and you know that no one is doing anything about it. Law enforcement consists of ignoring attempts to steal from you. What's the use of bearing arms if they're not being used?
    trm1945