BitDefender Lab Publishes first E-Threats Landscape Report
July 2008 by Bitdefender
Eighty percent of malware distributed worldwide consisted of Trojans according to the E-Threats Landscape Report, the first in a series of comprehensive security threat studies published by BitDefender® Lab, an award-winning provider of antivirus software and data security solutions. This E-Threats Landscape Report provides a comprehensive overview of the security threats landscape over the last six months, from January to June 2008.
BitDefender’s security experts analyzed and examined the menaces of the first half of 2008, focusing on software vulnerabilities and exploits, different types of malware, as well as countermeasures, cyber crime prevention and law enforcement.
BitDefender’s E-Threats Landscape Report concentrates mainly on the first half of 2008, but it also contains facts, data and trends concerning the previously investigated periods, as well as several predictions related to the last half of 2008.
Other highlights of BitDefender’s E-Threats Landscape Report include:
· 1/3 of global malware exploited OS’s and applications’ vulnerabilities
· Text-based spam comprised 70 percent of total unsolicited e-mails
· Image spam continued to decline in the first half of 2008
· Drugs represented the most advocated content via e-mail spam
· 50 percent of phishing attempts forged identification elements pertaining to US financial organizations
· Phishers targeted victims from EU states
Malware
BitDefender’s E-Threats Landscape Report reveals that malware creators concentrated on exploiting system vulnerabilities via threats mimicking legitimate applications in the first half of 2008.
The World’s Top 10 Malware list for the first half of 2008 includes:
01
Trojan.Clicker.CM
02
Trojan.Downloader.WMA.Wimad.N
03
Trojan.Autorun.EU
04
Trojan.FakeAlert.PP
05
Trojan.Peed.Gen
06
Trojan.Qhost.AKR
07
Trojan.HTML.Zlob.W
08
Packer.Malware.NSAnti.K
09
Trojan.Downloader.SWF.Gida.A
10
Exploit.Win32.Mso5-002.Gen
“In 2008, BitDefender is finding thatmalware continues to revolve around profit, mainly financial,” said Sorin Dudea, head of BitDefender’s Antimalware Research Lab. “To ensure gains, cybercriminals need a way to compromise a large number of systems where to deploy as many bots, adware and spyware as possible, with less or no cost at all. The most difficult task is not the malware’s dissemination but the system’s infiltration and exposure to other threats. This explains the Trojan horses’ heavy mass production in the last six months.”
The World’s Top 10 Malware Distribution Methods for the first half of 2008 includes:
01
Exploits
02
Downloaders
03
Malicious Advertising
04
Bundle Applications
05
Social Engineering Web Sites
06
Information Sites
07
Autorun Infectors
08
File Infectors
09
E-email Spam
10
Peer-2-Peer
E-Mail Spam
In terms of spam media and techniques, the most notable trend that BitDefender’s security analysts tracked in the first half of 2008 was the revival of text-based spam, which reached 70 percent, compared to 20 percent during the same period in 2007. Image spam continued its decline in the first half of 2008, ending at 3 percent in June 2008, compared to 60 percent in June 2007.
“BitDefender has found that plain-text continues to be the most prolific medium for e-mail spam distribution, especially due to its simplicity, reduced size and extreme versatility,” said Vlad Valceanu, head of BitDefender AntiSpam Research Lab.
The World’s Top 10 list of E-Mail Spam’s Featured Content for first half of 2008 includes:
01
Drugs
02
Replica Watches
03
Phishing (tool for)
04
Pirated Software
05
Pornography
06
Loans
07
Hire & Equipment
08
Torjans’ Spread (tool for)
09
Dating
10
Diploma
Phishing & ID Abuse
Phishing trends for the first half of 2008 indicated a variation and growth of spoofed banks and targeted clients. Primarily, forged elements belonged to US financial organizations, while the possible victims are now native English speakers who reside in the United States, United Kingdom or Canada. Phishing e-mails continued to be negative, such as account blocking or expiration and account details update for security reasons.
The World’s Top 10 list of Counterfeit Business Identities in the first half of 2008 includes:
01
eBay
02
Paypal
03
Bank of America
04
Wachovia
05
Fifth Third Bank
06
NatWest
07
Poste Italiane
08
Sparkasse
09
Regions Bank
10
Volksbank
“Spammers and phishers continued to improve their skills in replicating and forging legitimate message characteristics,” said Vlad Vâlceanu, Head of BitDefender Antispam Research Lab. “However, the simple text e-mails proved their efficiency as well, rounding up the total figure of ID theft victims to 50,000 each month.”