June malware report - something's phishy

June marked an increased in malware and the highest rate of phishing attacks to date on the Web, Fortinet's latest report on online threats found.
Written by Victoria Ho, Contributor
June marked an increased in malware and the "highest rate of phishing attacks to date" on the Web, Fortinet's latest report on online threats found.

The threat management vendor released on Monday its latest monthly report, which highlighted the current reign of Trojan horses and "disappointing" anti-spam campaigns.

Of the overall 108 newly-reported vulnerabilities in June, 62 were active exploits, indicating an "all-time high" of 57.4 percent, Fortinet said.

Fortinet said the majority of overall activity came from the United States, which contributed 22 percent of all reported exploits.

A significant proportion of the attacks were traced back to Asia--specifically, Singapore, Japan and Korea, which ranked second, third and fourth place, respectively. Some 13.57 percent of all attacks originated in Singapore.

Online games sites hosted the most number of Trojans, followed by Zbot variants W32/Zbot.M and W32/Zbot.V, which climbed to second and third place, respectively. The Zbot malware spreads keylogging and data-siphoning Trojans through e-cards sent via e-mail, directing users to malicious sites.

Another commonly used malware redirecting visitors to infected sites was the JS/PackRedir.A, which moved up 36 positions on the list to fifth position, said Fortinet.

In a separate release Monday, antivirus company Symantec released an alert warning of another Trojan, Infostealer.Bancos, which attempts to steal passwords after by enticing users to click on infected PDF files. Infostealer.Bancos has most recently been seen in PDF files sent via e-mail messages that purport to reveal Elvis Presley's whereabouts, said Symantec.

Efforts in vain According to Fortinet's report, spam levels remain unchanged in spite of efforts to take down spam-spreading network, 3FN/Pricewert.

Derek Manky, Fortinet's project manager of cybersecurity and threat research, said in the report: "There were some very noteworthy trends that surfaced in the June report, such as the growing popularity of Web-borne malware, which we see driving the next generation of threats to online services.

"Hackers continue to attempt to drive mass traffic to their threats, utilizing various tactics aided by large online communities and as a result, [now] more than ever, users should be wary about who and what they trust," he said.

Symantec's alert also noted: "Be wary of what you are doing on the Web, especially when it comes to current news stories. If [a site] asks you to download a new codec or open a PDF [file], just say no!"

The H1N1 virus was another hot topic hitting inboxes in recent months, as reported by McAfee and Cisco IronPort.

Phishing can be costly. According to earlier estimates from Gartner, each phishing attack last year cost the U.S. financial services industry an average US$351.

This article was originally posted on ZDNet Asia.

Editorial standards