CashOn spyware tops threat list

Residing on a Korean top-level domain, CashOn adware makes up almost 14 percent of global threats detected, with almost all activity in Korea, finds a Fortinet report.
Written by Victoria Ho, Contributor

CashOn, an adware toolbar plug-in, has topped security company Fortinet's global list of high-risk threats for the month of September.

According to a report released today, the amount of adware "almost doubled in volume since August", moving up from fourth to first place in September.

CashOn showed up in 13.9 percent of all threats detected by Fortinet. Its activity rate was also twice its volume growth, the report found. CashOn first made Fortinet's top 10 list in August.

CashOn is installed without the user's permission once downloaded, and it finds its way onto users' systems through downloaded files or exploits on Web sites. Once it is downloaded, CashOn changes the user's browser settings such that each time the browser is loaded, the user is directed to the CashOn Web site.

Fortinet said 99.8 percent of the spyware's activity is based in Korea. CashOn resides on a Korean top-level Web site domain and acts as a gateway to various other Korean-based shopping sites, said Fortinet.

According to the security vendor, other players besides CashOn may be behind the spyware distribution campaign.

Derek Manky, Fortinet security research engineer, said in a statement: "In order to make profits from [an e-commerce site], there is a need for exposure, which requires an effective seeding strategy."

Manky warned computer users to guard against such cyber threats. "Users need to continue to educate themselves on [spyware threats] to ensure that they have the necessary protection to guard against future outbreaks," he said.

Editorial standards